Sunday, 11 September 2016

CRUD operations in ASP.NET Core 1.0 MVC Application Part 6

Let’s implement Delete Contact for our Contacts Application. We are going to extend our application from last discussion CRUD operations in ASP.NET Core 1.0 MVC Application Part 5.

Add DeleteContact Method in ContactBusinessLogic

  • Open existing Solution in Visual Studio 2015.
  • Open WebApplicationCore.NetCore.BusinessLogic.ContactBusinessLogic class.
  • Add new DeleteContact method.
  • It may delete existing contact from mockup list data.
    public bool DeleteContact(int contactId)
    {
        bool deleted = false;

        Contact contact = ContactBusinessLogic.Contacts.FirstOrDefault(c => c.ContactId == contactId);

        if (contact != null)
        {
            ContactBusinessLogic.Contacts.Remove(contact);
            deleted = true;
        }

        return deleted;
    }


Add DeleteContact Action Methods in ContactController

  • Add two new DeleteContact Methods.
    • One DeleteContact method with ContactId parameter and HttpGet attribute to explicitly specify that this is get method. It will take user to confirmation page.
    • Other DeleteContact method with parameter of ContactVM  type and HttpPost attribute to explicitly specify that this is post method. It will be called if user confirms to delete contact, after deleting contact list page will be loaded.
  • It looks odd to have two methods to delete a simple item. We can perform this task with single delete method and even without involving a view. Alternatively, we could have some confirmation dialog to perform delete. Or some other solution with single delete method. I also had such questions in my mind when I read about this practice for first time. Let me summarize this for you:
    • It may create a security holes as anyone can use use a direct link to attack and to delete data. Even a search engine crawler can hit this method unnecessarily. Although we can use Authorize filter to control Delete method call, yet I am convinced that it is an improvisation not a best solution.
    • And as per REST standards, Get method may not change data. And therefor it is not a good practice.
    • In simple, it is not a good practice to perform a delete operation with a get call.
    [HttpGet]
    public IActionResult DeleteContact(int id)
    {
        ContactVM contactVM = new ContactVM
        {
            ContactId = id
        };

        return View(contactVM);
    }

    [HttpPost]
    public IActionResult DeleteContact(ContactVM contactVM)
    {
        ContactBusinessLogic contactBL = new ContactBusinessLogic();

        contactBL.DeleteContact(contactVM.ContactId);

        return RedirectToAction("Index");
    }

Add Contact DeleteContact View

  • Add new View to Contact\Contact folder.
  • Open Add New Item Screen through Solution Context Menu of Contact >> Add >> New Item >> Installed >> .NET Core >> MVC View Page.
  • Name it DeleteContact.cshtml.
  • Click OK Button.
  • It will add a new view in Contact view folder.
    • Now, we have ContactVM objects as model.
    • Delete button to delete contact and Cancel button to return back to list page without deleting contact.
  • Change Index view implementation to add Delete Details option with each record.
@model ContactVM

<h2>Delete Contact</h2>

<form asp-action="DeleteContact">
    <input type="hidden" asp-for="ContactId" />
    <div class="form-horizontal">
        <div class="form-group">
            <label>Please confirm to delete contact</label>
            <div class="col-md-10">
                <input type="submit" value="Delete" class="btn btn-default" />
                <a asp-action="Index"class="btn btn-default">Cancel</a>
            </div>
        </div>
    </div>
</form>

<td>
    <a asp-controller="Contact" asp-action="GetContact" asp-route-id="@item.ContactId">Get Details</a> |
    <a asp-controller="Contact" asp-action="UpdateContact" asp-route-id="@item.ContactId">Edit Details</a> |
    <a asp-controller="Contact" asp-action="DeleteContact" asp-route-id="@item.ContactId">Delete Details</a>
</td>


Run Application in Debug Mode

  • Press F5 or Debug Menu >> Start Debugging or Start IIS Express Button on Toolbar to start application in debugging mode.
  • It will show Home Page in browser.
  • Click Contact List Menu Open to open Contact List Page.
  • Click Delete Details link to open Delete Contact Page and URL will change to http://localhost:21840/Contact/DeleteContact/3.
  • Click Delete button. It will delete contact and it will load contact list page.


No comments:

Post a Comment