public IActionResult Update([FromBody] UserViewData item)
{
var session = HttpContext.Get <LoggableEntities>(_context);
var current_User = session == null ? null : session.User;
var current_Admin = session == null ? null : session.Admin;
var allowed_items = ApiTokenValid ? _context.User : (current_User != null ? (from _User in _context.User where _User.Id == current_User.Id
select _User) : _context.User);
if (!allowed_items.Any(i => i.Id == item.Id))
{
return(Unauthorized());
}
var new_item = UserViewData.FromUserViewData(item, _context);
if (current_User != null && new_item.Id == current_User.Id)
{
HttpContext.Set <LoggableEntities>(_context, new LoggableEntities()
{
User = new_item
});
}
var can_edit_by_token = ApiTokenValid || true;
if (item == null || !can_edit_by_token)
{
return(Unauthorized());
}
// throw new Exception("Unauthorized edit attempt");
_context.Update(new_item);
_context.Entry(new_item).Property(x => x.Username).IsModified = false;
_context.Entry(new_item).Property(x => x.Email).IsModified = false;
_context.Entry(new_item).Property(x => x.CreatedDate).IsModified = false;
_context.SaveChanges();
return(Ok());
}
public IActionResult Update([FromBody] American item)
{
var session = HttpContext.Get <LoggableEntities>(_context);
var current_User = session == null ? null : session.User;
var current_Admin = session == null ? null : session.Admin;
var allowed_items = ApiTokenValid ? _context.American : _context.American;
if (!allowed_items.Any(i => i.Id == item.Id))
{
return(Unauthorized());
}
var new_item = item;
var can_edit_by_token = ApiTokenValid || true;
if (item == null || !can_edit_by_token)
{
return(Unauthorized());
}
// throw new Exception("Unauthorized edit attempt");
_context.Update(new_item);
_context.Entry(new_item).Property(x => x.CreatedDate).IsModified = false;
_context.SaveChanges();
return(Ok());
}
