public async Task<IHttpActionResult> Put(long id, OrderItem entity)
{
var user = await _authRepository.FindUser(HttpContext.Current.User as ClaimsPrincipal);
var isAdmin = await _authRepository.IsAdmin(HttpContext.Current.User as ClaimsPrincipal);
if (!isAdmin)
{
return StatusCode(HttpStatusCode.Forbidden);
}
if (!ModelState.IsValid)
{
return BadRequest(ModelState);
}
if (id != entity.Id)
{
return BadRequest();
}
await _orderRepository.Update(entity);
await _unitOfWork.CompleteAsync();
return StatusCode(HttpStatusCode.NoContent);
}
public async Task<IHttpActionResult> Post(OrderItem vmModel)
{
long? productId = vmModel.ProductId;
var user = await _authRepository.FindUser(HttpContext.Current.User as ClaimsPrincipal);
var product = await _unitOfWork.Products.GetAsync(productId);
if (product == null)
{
return BadRequest();
}
var order = new OrderItem()
{
Product = product,
ProductId = productId,
User = user,
UserId = user.Id
};
var carts = await _unitOfWork.Carts.FindAsync(c => c.ProductId == productId && c.UserId == user.Id);
var cart = carts.FirstOrDefault();
_unitOfWork.Carts.Remove(cart);
_orderRepository.Add(order);
await _unitOfWork.CompleteAsync();
return Ok();
}
