security: use more antiforgery tokens

Disco.Web/Areas/Config/Models/DocumentTemplate/CreateModel.cs

@@ -10,7 +10,13 @@ namespace Disco.Web.Areas.Config.Models.DocumentTemplate
     [CustomValidation(typeof(CreateModelValidation), "ValidateCreateModel")]
     public class CreateModel : ConfigDocumentTemplateCreateModel
     {
-        public Disco.Models.Repository.DocumentTemplate DocumentTemplate { get; set; }
+        [StringLength(30), Required]
+        public string Id { get; set; }
+
+        [StringLength(250), Required]
+        public string Description { get; set; }
+        [Required, StringLength(6)]
+        public string Scope { get; set; }
 
         [Required]
         public HttpPostedFileBase Template { get; set; }
@@ -21,13 +27,8 @@ namespace Disco.Web.Areas.Config.Models.DocumentTemplate
         public List<Disco.Models.Repository.JobType> JobTypes { get; set; }
         public List<Disco.Models.Repository.JobSubType> JobSubTypes { get; set; }
 
-        public List<string> Scopes
-        {
-            get
-            {
-                return Disco.Models.Repository.DocumentTemplate.DocumentTemplateScopes.ToList();
-            }
-        }
+        public List<string> Scopes =>
+            Disco.Models.Repository.DocumentTemplate.DocumentTemplateScopes.ToList();
 
         public List<Disco.Models.Repository.JobType> GetJobTypes()
         {
@@ -63,7 +64,7 @@ namespace Disco.Web.Areas.Config.Models.DocumentTemplate
         public static ValidationResult ValidateCreateModel(CreateModel model)
         {
 
-            if (model.DocumentTemplate != null && model.DocumentTemplate.Scope == Disco.Models.Repository.DocumentTemplate.DocumentTemplateScopes.Job)
+            if (model.Scope == Disco.Models.Repository.DocumentTemplate.DocumentTemplateScopes.Job)
             {
                 if (model.Types != null && model.SubTypes != null)
                 {

Disco.Web/Areas/Config/Models/DocumentTemplate/CreatePackageModel.cs

@@ -1,20 +1,21 @@
-using Disco.Models.Services.Documents;
+using Disco.Models.Repository;
 using Disco.Models.UI.Config.DocumentTemplate;
 using System.Collections.Generic;
+using System.ComponentModel.DataAnnotations;
 
 namespace Disco.Web.Areas.Config.Models.DocumentTemplate
 {
     public class CreatePackageModel : ConfigDocumentTemplateCreatePackageModel
     {
-        public DocumentTemplatePackage Package { get; set; }
+        [StringLength(30), Required]
+        public string Id { get; set; }
+        [StringLength(250), Required]
+        public string Description { get; set; }
+        [Required]
+        public AttachmentTypes Scope { get; set; }
 
         public List<string> Scopes
-        {
-            get
-            {
-                return Disco.Models.Repository.DocumentTemplate.DocumentTemplateScopes.ToList();
-            }
-        }
+            => Disco.Models.Repository.DocumentTemplate.DocumentTemplateScopes.ToList();
 
     }
 

Disco.Web/Areas/Config/Models/DocumentTemplate/ShowModel.cs

@@ -5,6 +5,7 @@ using Disco.Models.UI.Config.DocumentTemplate;
 using Disco.Services;
 using Disco.Services.Documents.ManagedGroups;
 using Disco.Services.Expressions;
+using System;
 using System.Collections.Generic;
 using System.Linq;
 
@@ -36,7 +37,7 @@ namespace Disco.Web.Areas.Config.Models.DocumentTemplate
         public DocumentTemplateDevicesManagedGroup DevicesLinkedGroup { get; set; }
         public DocumentTemplateUsersManagedGroup UsersLinkedGroup { get; set; }
 
-        public string BulkGenerateDownloadId { get; set; }
+        public Guid? BulkGenerateDownloadId { get; set; }
 
         public string BulkGenerateDownloadFilename { get; set; }