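/// <summary>
/// Updates a publication description: the posted model is attached as modified and saved,
/// provided the caller passes the ownership/role check performed below.
/// </summary>
/// <param name="id">
/// Route id. It is used to look up a <c>KeyWord</c> row and must equal
/// <c>publicationDescription.Id</c>.
/// </param>
/// <param name="publicationDescription">Description model bound from the request body.</param>
/// <returns>
/// 404 when the lookup returns nothing; 400 when the body is missing, fails model validation,
/// or carries an Id different from <paramref name="id"/>; 200 with a confirmation message after
/// saving; 200 with an access-denied message when the caller is neither owner nor administrator.
/// </returns>
public async Task<IHttpActionResult> Put(int id, [FromBody] PublicationDescriptionModels publicationDescription)
{
    using (ApplicationDbContext db = new ApplicationDbContext())
    {
        var userId = User.Identity.GetUserId();

        // NOTE(review): the two `from` clauses are not correlated. The query returns the keyword
        // with this id whenever the caller owns at least one publication of any kind, and returns
        // nothing (404) for a caller with no publications, administrators included.
        // Confirm the intended join between KeyWord and Publications.
        var result = await (from k in db.KeyWord.Where(k => k.Id == id)
                            from p in db.Publications.Where(p => p.UserId == userId)
                            select k)
            .Include(k => k.Publications)
            .FirstOrDefaultAsync();

        if (result == null)
        {
            return NotFound();
        }

        // A keyword without publications used to throw NullReferenceException here (HTTP 500);
        // it is now treated as "not the owner".
        // NOTE(review): ownership is decided from the first publication of a KeyWord row, while the
        // row written below is a publication description that merely shares the numeric id.
        // Verify that this check really covers the record being updated.
        var firstPublication = result.Publications == null ? null : result.Publications.FirstOrDefault();
        bool isOwner = firstPublication != null && firstPublication.UserId == userId;

        if (isOwner || User.IsInRole("Администратор"))
        {
            // A missing request body binds to null; reject it instead of dereferencing it.
            if (publicationDescription == null || id != publicationDescription.Id)
            {
                return BadRequest();
            }

            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            // NOTE(review): marking the bound model as Modified writes every mapped column from
            // client-supplied values (over-posting). Consider loading the stored row and copying
            // only the fields a caller is allowed to change.
            db.Entry(publicationDescription).State = EntityState.Modified;
            await db.SaveChangesAsync();
            return Ok("Описание обновлено");
        }
    }

    // NOTE(review): access denial is reported with HTTP 200, so clients, logs and monitoring cannot
    // tell it from success. Kept for compatibility; a 403 response would be the conventional choice.
    return Ok("У вас нет доступа к обновлению описания");
}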
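/// <summary>
/// Stores a new publication description taken from the request body.
/// </summary>
/// <param name="publicationDescription">Description model bound from the request body.</param>
/// <returns>
/// 400 when the body is missing or fails model validation; otherwise 200 with a confirmation
/// message once the row has been saved.
/// </returns>
public async Task<IHttpActionResult> Post([FromBody] PublicationDescriptionModels publicationDescription)
{
    // A missing request body binds to null; without this check Add(null) throws and the caller
    // gets HTTP 500.
    if (publicationDescription == null)
    {
        return BadRequest();
    }

    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // NOTE(review): this method performs no ownership or role check, unlike Put, and it inserts the
    // bound model as-is, including any key or foreign-key values the client supplied. Whether an
    // [Authorize] attribute on the controller restricts callers is not visible here — confirm, and
    // verify that the caller owns the publication this description is attached to.
    using (ApplicationDbContext db = new ApplicationDbContext())
    {
        db.PublicationDescriptions.Add(publicationDescription);
        await db.SaveChangesAsync();
    }

    return Ok("Описание добавлено");
}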