|
At the min, any user can book a holiday for ay employee,
I have added [Authorization] to the controllers, and @if (User.Identity.IsAuthenticated)
in the layout so only logged in users can view the pages. But how can I go about only allowing users to book a holiday for them selves
something like if loggedInUserID(is this assigned automatically when a user is created?) =currentPersoID, although this is only a guess and I would prob have to assign the same loggedInUserID to personID.
any suggestions?
Thanks
|
|
|
|
|
No doubt each employee has a username/name so you can use use compare the username/name of the logged in user to the username/name of the person for whom the holiday booking id for.
|
|
|
|