public IHttpActionResult AddComment(int postId, CommentBindingModel model)
{
var post = this.Data.Posts.All().FirstOrDefault(p => p.Id == postId);
if (post == null)
{
return this.BadRequest(String.Format("there is no post with id {0}", postId));
}
if (post.IsPostHidden)
{
return this.NotFound();
}
if (!this.ModelState.IsValid)
{
return this.BadRequest(this.ModelState);
}
var currentUserId = this.User.Identity.GetUserId();
var loggedUser = this.Data.ApplicationUsers.All().FirstOrDefault(u => u.Id == currentUserId);
bool isFriend = loggedUser.Friends.Any(f => f.Id == post.WallOwnerId || f.Id == post.OwnerId);
// You can comment only your friends posts or comment posts on your friends wall
if (!isFriend && currentUserId != post.WallOwnerId)
{
return this.BadRequest("You can comment only friend posts");
}
var comment = new Comment()
{
Content = model.Content,
PostId = postId,
CreatedOn = DateTime.Now,
CommentOwner = loggedUser,
PostOwner = post.Owner
};
this.Data.Comments.Add(comment);
this.Data.SaveChanges();
var postedComment =
this.Data.Comments.All()
.Where(c => c.Id == comment.Id)
.Select(CommentViewModel.Create)
.FirstOrDefault();
return this.Ok(postedComment);
}
public IHttpActionResult EditComment(int commentId, CommentBindingModel model)
{
if (model == null)
{
return this.BadRequest("Model cannot be null");
}
if (!this.ModelState.IsValid)
{
return this.BadRequest(this.ModelState);
}
var comment = this.Data.Comments.All().FirstOrDefault(c => c.Id == commentId);
if (comment == null)
{
return this.NotFound();
}
var currentUserId = this.User.Identity.GetUserId();
if (currentUserId != comment.CommentOwner.Id)
{
return this.Unauthorized();
}
comment.Content = model.Content;
this.Data.SaveChanges();
var viewModel = this.Data.Comments.All().Where(c => c.Id == commentId).Select(CommentViewModel.Create);
return this.Ok(viewModel);
}
