// PUT: odata/Groups(5)
public async Task <IHttpActionResult> Put([FromODataUri] int key, Delta <Group> patch)
{
Validate(patch.GetEntity());
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
Group group = await db.Groups.FindAsync(key);
if (group == null)
{
return(NotFound());
}
var check = AuthorizeLogic.VerifyGroupEditPermission(group);
if (check)
{
patch.Put(group);
try
{
await db.SaveChangesAsync();
}
catch (DbUpdateConcurrencyException)
{
if (!GroupExists(key))
{
return(NotFound());
}
else
{
throw;
}
}
return(Updated(group));
}
else
{
return(Unauthorized());
}
}
// POST[Authorize]: odata/Groups
public async Task <IHttpActionResult> Post(Group group)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var check = AuthorizeLogic.VerifyGroupEditPermission(group);
if (check)
{
db.Groups.Add(group);
await db.SaveChangesAsync();
return(Created(group));
}
else
{
return(Unauthorized());
}
}
// DELETE: odata/Groups(5)
public async Task <IHttpActionResult> Delete([FromODataUri] int key)
{
Group group = await db.Groups.FindAsync(key);
if (group == null)
{
return(NotFound());
}
var check = AuthorizeLogic.VerifyGroupEditPermission(group);
if (check)
{
db.Groups.Remove(group);
await db.SaveChangesAsync();
return(StatusCode(HttpStatusCode.NoContent));
}
else
{
return(Unauthorized());
}
}
