public IHttpActionResult IsUserCreator(int?Id)
{
// refering to creator of household or creator of transaction.
// If the user is either of them, return true, as they can manipulate the transaction.
// Doesn't matter if the transaction is on another household, as long as the user has the rights.
if (Id is null)
{
return(BadRequest("Id is invalid."));
}
var userId = User.Identity.GetUserId();
var transaction = DbContext.Transactions.FirstOrDefault(p => p.Id == Id);
if (transaction is null)
{
return(NotFound());
}
var isCreatorView = new IsCreatorViewModel()
{
IsCreator = transaction.CreatorId == userId || transaction.BankAccount.Household.CreatorId == userId
};
return(Ok(isCreatorView));
}
public IHttpActionResult IsUserCreator(int?Id)
{
if (Id is null)
{
return(BadRequest("Id is invalid."));
}
var userId = User.Identity.GetUserId();
var household = DbContext.Households.FirstOrDefault(p => p.Id == Id);
if (household is null)
{
return(NotFound());
}
var isCreatorView = new IsCreatorViewModel()
{
IsCreator = household.CreatorId == userId
};
return(Ok(isCreatorView));
}
