public IHttpActionResult PostKing(KingResult king) { if (!ModelState.IsValid) { return BadRequest(ModelState); } //Get user ID //------------------------------------ var currentUserId = User.Identity.GetUserId(); var currentTeamName = manager.FindById(currentUserId).TeamName; //Set user information so we dont have to send it from javascript. Seems like a hacker could hack the guid being sent through ajax. //------------------------------------ king.TeamName = currentTeamName; king.UserId = currentUserId; db.KingResults.Add(king); db.SaveChanges(); return CreatedAtRoute("DefaultApi", new { id = king.Id }, king); }
// PUT api/King/5 public IHttpActionResult PutKing(int id, KingResult king) { if (!ModelState.IsValid) { return BadRequest(ModelState); } if (id != king.Id) { return BadRequest(); } db.Entry(king).State = EntityState.Modified; try { db.SaveChanges(); } catch (DbUpdateConcurrencyException) { if (!KingExists(id)) { return NotFound(); } else { throw; } } return StatusCode(HttpStatusCode.NoContent); }