Restrict viewing of database events to currently logged on user .Net MVC

Question

I'm using this code, from the nerddinner example. This method will display a list of all the upcoming dinners in a database when called in the controller.

public IQueryable<Dinner> FindUpcomingDinners()
{
    return from dinner in entities.Dinners
           where dinner.EventDate > DateTime.Now
           orderby dinner.EventDate
           select dinner;
}

I would have thought that this:

public IQueryable<Dinner> FindUpcomingDinners()
{
    return from dinner in entities.Dinners
           where dinner.EventDate > DateTime.Now && dinner.HostedBy == User.Identity.Name
           orderby dinner.EventDate
           select dinner;
}

would give me just the dinners that are hosted by the currently logged on user, however I get three errors:

1. Delegate 'System.Func' does not take 1 arguments

2. Cannot convert lambda expression to type 'string' because it is not a delegate type

3. The name 'User' does not exist in the current context

Any pointers in the right direction would be appreciated :)

the current context

Answer 1

User.Identity.Name is only available in the controller. So you might pass it as argument to your method:

public IQueryable<Dinner> FindUpcomingDinners(string user)
{
    return from dinner in entities.Dinners
           where dinner.EventDate > DateTime.Now && dinner.HostedBy == user
           orderby dinner.EventDate
           select dinner;
}

And when calling this method from within the controller action:

var upcomingDinners = dinnerRepository.FindUpcomingDinners(User.Identity.Name);

Also make sure that the user needs to be authenticated to call this controller action ([Authorize] attribute) or you might get an exception if an anonymous user tries to call it.