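/// <summary>
/// Checks whether the current session belongs to a user that still exists,
/// and refreshes the cached session values from the database.
/// </summary>
/// <remarks>
/// The user record is re-read on every call, so a deleted account or a changed
/// privilege flag takes effect on the next request instead of living on in the
/// session. Any state that cannot be validated is treated as "not logged in"
/// and the session keys are cleared (fail closed).
/// </remarks>
/// <returns><c>true</c> when the session maps to an existing user; otherwise <c>false</c>.</returns>
private bool IsUserLoggedIn()
        {
            object rawId = Session["UserID"];

            if (rawId == null)
            {
                return false;
            }

            User user = null;
            int userId;

            // A malformed session value previously raised FormatException from
            // Int32.Parse; it is now handled as an invalid login instead.
            if (Int32.TryParse(rawId.ToString(), out userId))
            {
                using (UserDBContext db = new UserDBContext())
                {
                    user = db.GetUserById(userId);
                }
            }

            // id == 0 is how the lookup reports "user deleted from DB" in this code;
            // a null result is rejected the same way rather than dereferenced.
            if (user == null || user.id == 0)
            {
                Session["UserID"]        = null;
                Session["UserName"]      = null;
                Session["UserPrivilege"] = null;
                return false;
            }

            // Overwrite the cached identity and privilege with the current database
            // values so later checks do not rely on stale session data.
            Session["UserID"]        = user.id.ToString();
            Session["UserName"]      = user.Name.ToString();
            Session["UserPrivilege"] = user.Privilege ? "1" : "0";

            return true;
        }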
示例#2
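        /// <summary>
        /// Looks up a user by identifier and returns the record in a 200 response.
        /// </summary>
        /// <param name="id">User identifier taken from the request.</param>
        /// <returns>An OK result wrapping whatever <c>UserDBContext.GetUserById</c> returns.</returns>
        /// <remarks>
        /// Exceptions from the lookup propagate to the framework unchanged. The previous
        /// <c>catch</c> block only executed <c>throw ex;</c>, which reset the stack trace
        /// and made failures harder to investigate.
        /// </remarks>
        public async Task <IHttpActionResult> GetUserById(string id)
        {
            // NOTE(review): no authorization check is visible on this action in this
            // listing, and the whole lookup result is serialized to the caller. Confirm
            // that an attribute or filter restricts access and that the returned type
            // carries no sensitive fields (e.g. credential data).
            var data = await UserDBContext.GetUserById(id);

            return Ok(data);
        }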
示例#3
        /// <summary>
        /// Shows the user edit form: an empty form for <paramref name="id"/> 0, or the
        /// stored user for a positive id.
        /// </summary>
        /// <param name="id">User id to edit; 0 yields a blank user, negative values are rejected.</param>
        /// <returns>
        /// A redirect to Home/Index when the caller is not logged in, to Contents/Index when
        /// the caller is not an admin, to Home/Error when the id is negative or the lookup
        /// returns a user with id 0, and otherwise the edit view.
        /// </returns>
        public ActionResult Edit(int id)
        {
            // Access control runs before any data access: login first, then the admin check.
            bool loggedIn = IsUserLoggedIn();
            if (loggedIn == false)
            {
                TempData["RedirectMessage"] = "Access denied. Please login.";
                return RedirectToAction("Index", "Home");
            }

            bool isAdmin = IsUserAdmin();
            if (isAdmin == false)
            {
                return RedirectToAction("Index", "Contents");
            }

            User model = new User();

            if (id < 0)
            {
                return RedirectToAction("Error", "Home", new { id = 0 });
            }

            // id == 0 skips the lookup and renders the form with the blank user.
            if (id != 0)
            {
                using (UserDBContext context = new UserDBContext())
                {
                    model = context.GetUserById(id);

                    // A result with id 0 means no such user was found.
                    if (model.id == 0)
                    {
                        return RedirectToAction("Error", "Home", new { id = 0 });
                    }
                }
            }

            return View(model);
        }