/// <summary>
/// Creates an event from form-bound data by delegating to <c>_eventManager.AddEventAsync</c>.
/// </summary>
/// <param name="eventCreateDto">Event data bound from the submitted form.</param>
/// <returns><c>Ok()</c> once the manager call has completed.</returns>
public async Task<ActionResult> CreateAsync([FromForm] EventCreateDto eventCreateDto)
{
    // NOTE(review): the whole form DTO is handed to the logging helper; confirm it does not
    // serialize uploaded content or sensitive fields.
    _logger.LogMethodCallingWithObject(eventCreateDto);

    // NOTE(review): no ModelState check is visible in this action; presumably validation is
    // done by a filter/[ApiController] or inside the manager. Confirm.
    // NOTE(review): the host path is passed along with client-supplied form data; if the
    // manager writes files, confirm it never builds paths from client-provided names.
    await _eventManager.AddEventAsync(eventCreateDto, _hostServices.GetHostPath());

    return Ok();
}
/// <summary>
/// Creates a post from form-bound data. The work runs inside <c>HandleExceptions</c>.
/// </summary>
/// <param name="PostCreateDto">Post data bound from the submitted form.</param>
/// <returns>
/// <c>Ok()</c> after <c>_postManager.AddPostAsync</c> completes, or
/// <c>BadRequest("Model state is not valid")</c> when model validation failed.
/// </returns>
public async Task<ActionResult> Create([FromForm] PostCreateDto PostCreateDto)
{
    return await HandleExceptions(async () =>
    {
        // Reject invalid input before touching the manager.
        if (!ModelState.IsValid)
        {
            return BadRequest("Model state is not valid");
        }

        // NOTE(review): the host path is passed along with client-supplied form data; if the
        // manager writes files, confirm it never builds paths from client-provided names.
        await _postManager.AddPostAsync(PostCreateDto, _hostServices.GetHostPath());
        return Ok();
    });
}
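/// <summary>
/// Returns the result of <c>_userManager.GetUserToUpdateAsync</c> for <paramref name="userId"/>.
/// Only a caller whose role claim is "Admin", or whose name claim parses to the same id,
/// is allowed through; everyone else gets a 403.
/// </summary>
/// <param name="userId">Id of the user record being requested.</param>
/// <returns>
/// <c>Ok(...)</c> with the manager's result, or a 403 response with the body "Access denied".
/// </returns>
public async Task<ActionResult<UserToUpdateDto>> Update(int userId)
{
    return await HandleExceptions(async () =>
    {
        var role = User.Claims.FirstOrDefault(x => x.Type.Equals(ClaimsIdentity.DefaultRoleClaimType))?.Value;
        var currentUserId = User.Claims.FirstOrDefault(x => x.Type.Equals(ClaimsIdentity.DefaultNameClaimType))?.Value;

        var isAdmin = role == "Admin";

        // Fail closed: a missing or non-numeric name claim is treated as "not the owner"
        // instead of throwing from Int32.Parse in the middle of the authorization check.
        var isOwner = int.TryParse(currentUserId, out var callerId) && callerId == userId;

        if (!isAdmin && !isOwner)
        {
            // ControllerBase.Forbid(string) interprets its argument as an authentication scheme
            // name, not a message, so Forbid("Access denied") fails when the result executes.
            // Return an explicit 403 that carries the message instead.
            return StatusCode(403, "Access denied");
        }

        return Ok(await _userManager.GetUserToUpdateAsync(userId));
    });
}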
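/// <summary>
/// Returns the result of <c>_userManager.GetUserToUpdateAsync</c> for <paramref name="userId"/>.
/// Only a caller whose role claim is "Admin", or whose name claim equals
/// <paramref name="userId"/>, is allowed through; everyone else gets a 403.
/// </summary>
/// <param name="userId">Textual GUID of the user record being requested.</param>
/// <returns>
/// <c>Ok(...)</c> with the manager's result, or a 403 response with the body "Access denied".
/// </returns>
/// <exception cref="FormatException">
/// Thrown by <c>Guid.Parse</c> when an authorized caller passes a malformed <paramref name="userId"/>.
/// </exception>
public async Task<ActionResult<UserToUpdateDto>> UpdateAsync(string userId)
{
    _logger.LogMethodCallingWithObject(new { userId });

    var role = User.Claims.FirstOrDefault(x => x.Type.Equals(ClaimsIdentity.DefaultRoleClaimType))?.Value;
    var currentUserId = User.Claims.FirstOrDefault(x => x.Type.Equals(ClaimsIdentity.DefaultNameClaimType))?.Value;

    var isAdmin = string.Equals(role, "Admin", StringComparison.Ordinal);

    // A caller with no name claim is never treated as the owner (fail closed).
    // NOTE(review): this is a textual comparison; if the claim and the route value can differ
    // in GUID formatting or casing, the owner is denied. Confirm both use the same form.
    var isOwner = currentUserId != null && string.Equals(currentUserId, userId, StringComparison.Ordinal);

    // Deny unless the caller is an admin or is requesting their own record. The earlier
    // condition (role is Admin AND ids differ) was inverted: it rejected admins and let any
    // non-admin caller read another user's record.
    if (!isAdmin && !isOwner)
    {
        // ControllerBase.Forbid(string) interprets its argument as an authentication scheme
        // name, not a message, so Forbid("Access denied") fails when the result executes.
        // Return an explicit 403 that carries the message instead.
        return StatusCode(403, "Access denied");
    }

    return Ok(await _userManager.GetUserToUpdateAsync(Guid.Parse(userId)));
}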