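/// <summary>
/// Shows one bill to a user who has a relationship with the building the bill belongs to.
/// </summary>
/// <param name="id">Identifier of the bill to display.</param>
/// <returns>
/// The bill view; <see cref="HttpUnauthorizedResult"/> when the caller is a contractor, has no
/// person record, has no recognised session role, or is not related to the building in the
/// way the session role requires; a not-found result when no bill has the given id.
/// </returns>
public ActionResult Bill(int id)
{
    if (User.IsInRole("contractor"))
    {
        return new HttpUnauthorizedResult();
    }

    var bill = billsRepository.GetById(id);
    if (bill == null)
    {
        return HttpNotFound();
    }

    var building = bill.Reserve.Building;

    LinksModel links = new LinksModel();
    if (Session["lastPageId"] != null)
    {
        links.Id = (int)Session["lastPageId"];
    }

    var person = personsRepository.GetPersonByUsername(User.Identity.Name);
    if (person == null)
    {
        // Without a person record no relationship to the building can be established,
        // so deny instead of failing later on person.Oib.
        return new HttpUnauthorizedResult();
    }

    // The session role only selects WHICH relationship is verified; the per-building
    // relationship check in each branch is what actually authorizes access to this bill.
    string role = (string)Session["role"] ?? string.Empty;

    if (role == "representative")
    {
        if (!building.RepresentativeOfPartOwners.Equals(person))
        {
            return new HttpUnauthorizedResult();
        }

        links.Links = NavLinksGenerator.GetRepresentativeLinks(building, "Pričuva");
    }
    else if (role == "buildingmanager")
    {
        if (!building.BuildingManager.LegalPerson.Equals(person as LegalPerson))
        {
            return new HttpUnauthorizedResult();
        }

        links.Links = NavLinksGenerator.GetManagerLinks(building, "Pričuva");
    }
    else if (role == "owner")
    {
        if (!building.GetOwners().Any(o => o.Oib == person.Oib))
        {
            return new HttpUnauthorizedResult();
        }

        links.Links = NavLinksGenerator.GetOwnerLinks(building, "Pričuva");
    }
    else
    {
        // Fail closed: a missing, expired or unrecognised session role previously skipped
        // every ownership check, so any non-contractor user could read any bill by id.
        return new HttpUnauthorizedResult();
    }

    var model = new BillMethodModel
    {
        Bill = Mapper.Map<Bill, BillModel>(bill),
        Roles = Roles.GetRolesForUser(),
        CurrentRole = role,
        Links = links
    };

    return View(model);
}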
/// <summary>
/// Renders the printable view of a bill for an owner of the building the bill belongs to.
/// </summary>
/// <param name="id">Identifier of the bill to print.</param>
/// <returns>
/// The print view; <see cref="HttpUnauthorizedResult"/> when the caller is not in the
/// "owner" role or is not among the building's owners; a not-found result when no bill
/// has the given id.
/// </returns>
public ActionResult PrintBill(int id)
{
    // Role gate first: only users in the "owner" role may proceed.
    bool callerIsOwnerRole = User.IsInRole("owner");
    if (!callerIsOwnerRole)
    {
        return new HttpUnauthorizedResult();
    }

    var requestedBill = billsRepository.GetById(id);
    if (requestedBill == null)
    {
        return HttpNotFound();
    }

    var billBuilding = requestedBill.Reserve.Building;
    var currentPerson = personsRepository.GetPersonByUsername(User.Identity.Name);

    // Object-level check: the role alone is not enough, the caller must own a part of
    // this particular building (matched by Oib).
    bool ownsPartOfBuilding = billBuilding.GetOwners().Any(owner => owner.Oib == currentPerson.Oib);
    if (!ownsPartOfBuilding)
    {
        return new HttpUnauthorizedResult();
    }

    var printModel = new BillMethodModel
    {
        Bill = Mapper.Map<Bill, BillModel>(requestedBill),
        Roles = Roles.GetRolesForUser()
    };

    return View("~/Views/Finances/PrintBill.cshtml", printModel);
}
/// <summary>
/// Renders the printable view of a bill for a user related to the bill's building.
/// </summary>
/// <param name="id">Identifier of the bill to print.</param>
/// <returns>
/// The default view for this action; <see cref="HttpUnauthorizedResult"/> when the caller
/// is a contractor or is neither the representative of the part owners, the building
/// manager's legal person, nor one of the owners; a not-found result when no bill has the
/// given id.
/// </returns>
public ActionResult PrintBill(int id)
{
    if (User.IsInRole("contractor"))
    {
        return new HttpUnauthorizedResult();
    }

    var requestedBill = billsRepository.GetById(id);
    if (requestedBill == null)
    {
        return HttpNotFound();
    }

    var billBuilding = requestedBill.Reserve.Building;
    var currentPerson = personsRepository.GetPersonByUsername(User.Identity.Name);

    // Object-level authorization: the caller must hold at least one relationship with this
    // building. The checks run in order and stop at the first match, so later ones are
    // evaluated only when the earlier ones did not match.
    bool relatedToBuilding = billBuilding.RepresentativeOfPartOwners.Equals(currentPerson);
    if (!relatedToBuilding)
    {
        relatedToBuilding = billBuilding.BuildingManager.LegalPerson.Equals(currentPerson as LegalPerson);
    }
    if (!relatedToBuilding)
    {
        relatedToBuilding = billBuilding.GetOwners().Any(owner => owner.Oib == currentPerson.Oib);
    }

    if (!relatedToBuilding)
    {
        return new HttpUnauthorizedResult();
    }

    var printModel = new BillMethodModel
    {
        Bill = Mapper.Map<Bill, BillModel>(requestedBill),
        Roles = Roles.GetRolesForUser()
    };

    return View(printModel);
}