public IHttpActionResult PutRole(int id, Role role)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
if (id != role.RoleId)
{
return(BadRequest());
}
db.Entry(role).State = EntityState.Modified;
try
{
db.SaveChanges();
}
catch (DbUpdateConcurrencyException)
{
if (!RoleExists(id))
{
return(NotFound());
}
else
{
throw;
}
}
return(StatusCode(HttpStatusCode.NoContent));
}
public IHttpActionResult PutExhibition(int id, Exhibition exhibition)
{
User user = db.Users.Where(u => u.Username == User.Identity.Name).FirstOrDefault();
if (!ModelState.IsValid || user.RoleId != 2)
{
return(BadRequest(ModelState));
}
if (id != exhibition.ExhibitionId)
{
return(BadRequest());
}
db.Entry(exhibition).State = EntityState.Modified;
try
{
db.SaveChanges();
}
catch (DbUpdateConcurrencyException)
{
if (!ExhibitionExists(id))
{
return(NotFound());
}
else
{
throw;
}
}
return(StatusCode(HttpStatusCode.NoContent));
}
public IHttpActionResult PutUser(int id, User user)
{
if (!ModelState.IsValid || user.RoleId == 1)
{
return(BadRequest(ModelState));
}
if (id != user.UserId)
{
return(BadRequest());
}
db.Entry(user).State = EntityState.Modified;
try
{
db.SaveChanges();
}
catch (DbUpdateConcurrencyException)
{
if (!UserExists(id))
{
return(NotFound());
}
else
{
throw;
}
}
return(StatusCode(HttpStatusCode.NoContent));
}
public IHttpActionResult PutPosting([FromUri] int id, [FromBody] Posting posting)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
User user = db.Users.Where(u => u.Username == User.Identity.Name).FirstOrDefault();
Competition competition = db.Competitions.Where(c => c.CompetitionId == posting.CompetitionId).FirstOrDefault();
Posting postingDB = db.Postings.Where(p => p.PostingId == id).FirstOrDefault();
Posting postingSubmit = new Posting();
postingSubmit = postingDB;
switch (user.RoleId)
{
case 3:
//TODO teacher
if (user.UserId != competition.UserId)
{
return(BadRequest());
}
postingSubmit.Mark = posting.Mark;
break;
case 4:
//TODO student
if (user.UserId != postingDB.UserId)
{
return(BadRequest());
}
postingSubmit.ImagePath = posting.ImagePath;
postingSubmit.Quote = posting.Quote;
break;
default:
return(BadRequest());
}
db.Entry(postingSubmit).State = EntityState.Modified;
try
{
db.SaveChanges();
}
catch (DbUpdateConcurrencyException)
{
if (!PostingExists(id))
{
return(NotFound());
}
else
{
throw;
}
}
return(StatusCode(HttpStatusCode.NoContent));
}
