public async Task <ActionResult> Post(ReviewUpsertDto reviewUpsertDto) { var userId = Convert.ToInt32(HttpContext.User.Claims.ToList()[0].Value); var reviewReadDto = await _reviewService.CreateReviewReadDto(reviewUpsertDto, userId); _logger.LogInformation(LogMessages.EntityCreated); return(CreatedAtAction(nameof(Get), new { reviewReadDto.Id }, reviewReadDto)); }
public async Task <ActionResult> Put(int id, ReviewUpsertDto reviewUpsertDto) { var userId = Convert.ToInt32(HttpContext.User.Claims.ToList()[0].Value); var userRole = HttpContext.User.Claims.ToList()[3].Value; await _reviewService.UpdateReview(id, reviewUpsertDto, userId, userRole); _logger.LogInformation(LogMessages.EntityUpdated); return(Ok()); }
public async Task <ReviewReadDto> CreateReviewReadDto(ReviewUpsertDto reviewUpsertDto, int userId) { var review = _mapper.Map <Review>(reviewUpsertDto); review.UserId = userId; await _unitOfWork.Reviews.Create(review); await _unitOfWork.Save(); return(_mapper.Map <ReviewReadDto>(review)); }
public async Task UpdateReview(int id, ReviewUpsertDto reviewUpsertDto, int userId, string userRole) { var review = await FindReview(id); if (review.UserId != userId && userRole != "Admin") { throw new BadRequestException("Unauthorized Attempt"); } _mapper.Map(reviewUpsertDto, review); await _unitOfWork.Reviews.Update(review); await _unitOfWork.Save(); }