public async Task <ActionResult <ReleaseNews> > PostReleaseNews(ReleaseNews releaseNews)
{
var userId = User.FindFirstValue(ClaimTypes.NameIdentifier); // will give the user's userId
var user = await _userManager.FindByIdAsync(userId);
var role = await _userManager.GetRolesAsync(user);
if (role.Count == 0 || role[0] != "Admin")
{
return(Forbid());
}
releaseNews.CreatedDate = DateTime.Now;
_context.News.Add(releaseNews);
await _context.SaveChangesAsync();
return(CreatedAtAction("GetReleaseNews", new { id = releaseNews.Id }, releaseNews));
}
public async Task <IActionResult> PutReleaseNews(int id, ReleaseNews releaseNews)
{
if (id != releaseNews.Id)
{
return(BadRequest());
}
var userId = User.FindFirstValue(ClaimTypes.NameIdentifier); // will give the user's userId
var user = await _userManager.FindByIdAsync(userId);
var role = await _userManager.GetRolesAsync(user);
if (role.Count == 0 || role[0] != "Admin")
{
return(Forbid());
}
releaseNews.UpdatedDate = DateTime.Now;
_context.Entry(releaseNews).State = EntityState.Modified;
try
{
await _context.SaveChangesAsync();
}
catch (DbUpdateConcurrencyException)
{
if (!ReleaseNewsExists(id))
{
return(NotFound());
}
else
{
throw;
}
}
return(NoContent());
}
