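/// <summary>
        /// Updates an existing course from the supplied DTO. Only a caller whose access
        /// role for that course is "Teacher" may update it.
        /// </summary>
        /// <param name="id">Key passed to <c>db.Courses.Find</c> to load the course.</param>
        /// <param name="courseDTO">Requested changes; may be null when the body could not be bound.</param>
        /// <returns>
        /// Unauthorized when no user is resolved from the "user" cookie or the user is not a
        /// teacher of the course; BadRequest when the course or DTO is missing, the model
        /// state is invalid, DTO validation fails, or <c>db.Update</c> reports an error;
        /// otherwise a redirect to <c>/Courses/{id}</c>.
        /// </returns>
        public IHttpActionResult PutCourse(int id, CourseDetailDTO courseDTO)
        {
            // NOTE(review): the caller is identified solely from the "user" cookie. For a
            // cookie-authenticated write, confirm anti-forgery protection is applied elsewhere.
            Authorize auth           = new Authorize();
            User      authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault());

            if (authorizedUser == null)
            {
                return(Unauthorized());
            }
            Course course = db.Courses.Find(id);

            // A missing course or body produces no ModelState errors, so answer with a plain
            // 400; BadRequest(ModelState) is reserved for the case where errors exist to report.
            // NOTE(review): this lookup runs before the role check, so an authenticated
            // non-teacher sees 400 for unknown ids and 401 for existing ones.
            if (courseDTO == null || course == null)
            {
                return(BadRequest());
            }
            if (!ModelState.IsValid)
            {
                return(BadRequest(ModelState));
            }
            if (!"Teacher".Equals(auth.GetAccessRole(authorizedUser, course)))
            {
                return(Unauthorized());
            }
            if (courseDTO.NewGradingSchemeName != null)
            {
                // Exact (ordinal, case-sensitive) name match over db.GradingSchemes.
                // NOTE(review): an unknown name leaves GradingSchemeId unchanged and the
                // request still proceeds; confirm that silent fallback is intended.
                foreach (GradingScheme scheme in db.GradingSchemes)
                {
                    if (courseDTO.NewGradingSchemeName.Equals(scheme.Name))
                    {
                        course.GradingSchemeId = scheme.Id;
                        break;
                    }
                }
            }
            if (!courseDTO.Validate(course))
            {
                return(BadRequest());
            }
            courseDTO.Update(course);
            string error = db.Update(course, Modified);

            if (error != null)
            {
                // NOTE(review): the error text from db.Update is returned to the client as-is;
                // confirm it cannot carry storage-layer details.
                return(BadRequest(error));
            }
            // NOTE(review): the Location value is assembled from the request URI's host and
            // port. If the hosting layer derives those from the client-supplied Host header,
            // the redirect target is client-influenced; a configured base URL or a
            // route-generated link avoids that. The scheme is also forced to https while
            // the port is copied from the incoming request.
            return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Courses/" + course.Id));
        }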
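        /// <summary>
        /// Creates a new course owned by the calling teacher.
        /// </summary>
        /// <param name="courseDTO">Details of the course to create; may be null when the body could not be bound.</param>
        /// <returns>
        /// Unauthorized when no user is resolved from the "user" cookie or the user has no
        /// teacher record; BadRequest when the DTO is missing, the model state is invalid,
        /// DTO validation fails, or <c>db.Update</c> reports an error; otherwise a redirect
        /// to <c>/Courses/{id}</c> of the new course.
        /// </returns>
        public IHttpActionResult PostCourse(CourseDetailDTO courseDTO)
        {
            // NOTE(review): the caller is identified solely from the "user" cookie. For a
            // cookie-authenticated write, confirm anti-forgery protection is applied elsewhere.
            Authorize auth           = new Authorize();
            User      authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault());

            if (authorizedUser == null)
            {
                return(Unauthorized());
            }
            // Resolve the teacher once and reuse it for the authorization check and the owner id.
            var teacher = authorizedUser.GetTeacher();

            if (teacher == null)
            {
                return(Unauthorized());
            }
            // Reject a missing body before dereferencing it; PutCourse applies the same guard.
            if (courseDTO == null || !ModelState.IsValid || !courseDTO.Validate(null))
            {
                return(BadRequest());
            }
            Course course = courseDTO.Create(teacher.Id);
            string error  = db.Update(course, Added);

            if (error != null)
            {
                // NOTE(review): the error text from db.Update is returned to the client as-is;
                // confirm it cannot carry storage-layer details.
                return(BadRequest(error));
            }
            // NOTE(review): the Location value is assembled from the request URI's host and
            // port. If the hosting layer derives those from the client-supplied Host header,
            // the redirect target is client-influenced; a configured base URL or a
            // route-generated link avoids that. The scheme is also forced to https while
            // the port is copied from the incoming request.
            return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Courses/" + course.Id));
        }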