public IHttpActionResult PutMeal(int id, Meal meal)
        {
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            if (id != meal.MealId)
            {
                return BadRequest();
            }

            // Only Administrator or the owner of this meal may manipulate it
            var user = db.Users.Where(x => x.UserName == User.Identity.Name).Single();
            if(!User.IsInRole("Administrator")&&user.Id!=meal.ApplicationUserId)
            {
                return BadRequest();
            }

            meal.Year = meal.DateTime.Year;
            meal.Month = meal.DateTime.Month;
            meal.Day = meal.DateTime.Day;

            db.Entry(meal).State = EntityState.Modified;

            try
            {
                db.SaveChanges();
            }
            catch (DbUpdateConcurrencyException)
            {
                if (!MealExists(id))
                {
                    return NotFound();
                }
                else
                {
                    throw;
                }
            }

            return StatusCode(HttpStatusCode.NoContent);
        }
        public IHttpActionResult PostMeal(Meal meal)
        {
            var user = db.Users.Where(x => x.UserName == User.Identity.Name).Single();
            meal.Year = meal.DateTime.Year;
            meal.Month = meal.DateTime.Month;
            meal.Day = meal.DateTime.Day;

            user.Meals.Add(meal);

            db.SaveChanges();

            return CreatedAtRoute("DefaultApi", new { id = meal.MealId }, meal);
        }