/// <summary>
/// DELETE /api/orders/{id}
/// </summary>
/// <param name="id"></param>
/// <param name="data"></param>
/// <returns></returns>
public HttpResponseMessage Delete(int id, OrderModel model)
{
var context = this.DbContext;
var entity = context.Orders.Find(id);
if (entity == null)
{
throw new HttpResponseException(new HttpResponseMessage(HttpStatusCode.NotFound));
}
if (!this.User.CanDelete(entity))
{
throw new HttpResponseException(new HttpResponseMessage(HttpStatusCode.Forbidden));
}
// create the web event
var webEvent = new OrderDeletedEvent(entity);
// delete the entity
context.Orders.Remove(entity);
// persist changes to the database
context.SaveChanges();
// fire the web event
webEvent.Raise();
return new HttpResponseMessage(HttpStatusCode.NoContent);
}
/// <summary>
/// PUT /api/orders/{id}
/// </summary>
/// <param name="id"></param>
/// <param name="data"></param>
/// <returns></returns>
public OrderModel Put(int id, OrderModel model)
{
var context = this.DbContext;
var entity = context.Orders.Find(id);
if (entity == null)
{
throw new HttpResponseException(new HttpResponseMessage(HttpStatusCode.NotFound));
}
if (!this.User.CanUpdate(entity))
{
throw new HttpResponseException(new HttpResponseMessage(HttpStatusCode.Forbidden));
}
// update the entity
entity.UpdateFrom(model);
// update Customer property
if (entity.Customer == null
|| entity.Customer.Id != model.CustomerId)
{
entity.Customer = context.Customers.Find(model.CustomerId);
}
// update Employee property
if (entity.Employee == null
|| entity.Employee.Id != model.EmployeeId)
{
entity.Employee = context.Employees.Find(model.EmployeeId);
}
// update Shipper property
if (entity.Shipper == null
|| entity.Shipper.Id != model.ShipperId)
{
entity.Shipper = context.Shippers.Find(model.ShipperId);
}
// update order details from cookie
UpdateOrderDetailsFromCookie(entity, context, "OrderDetails");
// persist changes to the database
context.SaveChanges();
// fire the web event
new OrderUpdatedEvent(entity).Raise();
return selector(entity);
}
/// <summary>
/// POST /api/orders
/// </summary>
/// <param name="data"></param>
/// <returns></returns>
public HttpResponseMessage Post(OrderModel model)
{
var context = this.DbContext;
if (!this.User.CanCreate<Order>())
{
throw new HttpResponseException(new HttpResponseMessage(HttpStatusCode.Forbidden));
}
// transform the OrderModel to Order
var entity = model.TransformTo<Order>();
// update Customer property
if (entity.Customer == null
|| entity.Customer.Id != model.CustomerId)
{
entity.Customer = context.Customers.Find(model.CustomerId);
}
// update Employee property
if (entity.Employee == null
|| entity.Employee.Id != model.EmployeeId)
{
entity.Employee = context.Employees.Find(model.EmployeeId);
}
// update Shipper property
if (entity.Shipper == null
|| entity.Shipper.Id != model.ShipperId)
{
entity.Shipper = context.Shippers.Find(model.ShipperId);
}
// update order details from cookie
UpdateOrderDetailsFromCookie(entity, context, "OrderDetails");
// add the entity
context.Orders.Add(entity);
// persist changes to the database
context.SaveChanges();
// fire the web event
new OrderCreatedEvent(entity).Raise();
// create response
var response = Request.CreateResponse<OrderModel>(HttpStatusCode.Created, selector(entity));
string uri = Url.Link("Api", new { id = entity.Id });
response.Headers.Location = new Uri(uri);
return response;
}
