//[ValidateAntiForgeryToken] public ActionResult DenyConnect(string username, int? notificationID) { ConnectionRequest conn = new ConnectionRequest(); if (ModelState.IsValid) { //read notification if (username == null) { return new HttpStatusCodeResult(HttpStatusCode.BadRequest); } if (notificationID != null) { Notification notification = db.Notifications.Find(notificationID); if (notification == null) { return HttpNotFound(); } if (!notification.IsRead) { notification.IsRead = true; db.Entry(notification).State = EntityState.Modified; db.SaveChanges(); } } if (username == null) { return new HttpStatusCodeResult(HttpStatusCode.BadRequest); } // Find the user IDs for the users that were passed in User thisUser = manager.FindById(User.Identity.GetUserId()); User otherUser = db.Users.Where(u => u.UserName.Equals(username)).First(); // A user cannot connect with themself if (thisUser.Equals(otherUser)) { return new HttpStatusCodeResult(HttpStatusCode.BadRequest); } // Find the request to delete: the otherUser is the sender of the request var request = db.ConnectionRequests.Where(c => (c.Sender.UserName == otherUser.UserName && c.RequestedUser.UserName == thisUser.UserName)); if (request.Count() == 0) { return RedirectToAction("Index", new { username = username, Message = ProfileMessageId.ConnectionFailure }); } // Delete the connection request var reqToDelete = request.First(); db.ConnectionRequests.Remove(reqToDelete); db.Notifications.Add(FriendNotification.CreateDenyNotification(otherUser, thisUser)); db.SaveChanges(); return RedirectToAction("Index", new { username = username, Message = ProfileMessageId.DenySuccess }); } return RedirectToAction("Index", new { username = username, Message = ProfileMessageId.ConnectionFailure }); }
public ActionResult RequestConnection(string username) { ConnectionRequest conn = new ConnectionRequest(); if (ModelState.IsValid) { if (username == null) { return new HttpStatusCodeResult(HttpStatusCode.BadRequest); } // Find the user IDs for the users that were passed in User thisUser = manager.FindById(User.Identity.GetUserId()); User otherUser = db.Users.Where(u => u.UserName.Equals(username)).First(); // A user cannot connect with themself if (thisUser.Equals(otherUser)) { return new HttpStatusCodeResult(HttpStatusCode.BadRequest); } else { // Don't connect users that have already been connected or who have already have a pending request var connection = db.Connections.Where(c => (c.User1.UserName == thisUser.UserName && c.User2.UserName == otherUser.UserName) || (c.User2.UserName == thisUser.UserName && c.User1.UserName == otherUser.UserName)); var request = db.ConnectionRequests.Where(c => (c.Sender.UserName == thisUser.UserName && c.RequestedUser.UserName == otherUser.UserName) || (c.RequestedUser.UserName == thisUser.UserName && c.Sender.UserName == otherUser.UserName)); if (connection.Count() > 0 || request.Count() > 0) { return RedirectToAction("Index", new { username = username, Message = ProfileMessageId.ConnectionFailure }); } } conn.Sender = thisUser; conn.RequestedUser = otherUser; // save changes db.ConnectionRequests.Add(conn); db.Notifications.Add(FriendNotification.CreateRequestNotification(otherUser, thisUser)); db.SaveChanges(); return RedirectToAction("Index", new { username = username, Message = ProfileMessageId.RequestSuccess }); } return RedirectToAction("Index", new { username = username, Message = ProfileMessageId.ConnectionFailure }); }