public IHttpActionResult PostUserMenu(UserMenuViewModel userMenu)
{
if (!ModelState.IsValid)
{
return BadRequest(ModelState);
}
var user = db.Users.Find(userMenu.UserName);
if (user == null)
throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.NotFound, "不存在的使用者!"));
var menus = db.Menus.Where(item => item.Id == userMenu.MenuId || item.ParentId == userMenu.MenuId);
foreach (var item in menus)
{
user.Menus.Add(item);
}
try
{
db.SaveChanges();
//寫入AccessLog
MPAccessLog.WriteEntry(User.Identity.Name, AccessAction.Create, "UserMenu", JsonConvert.SerializeObject(new { user.UserName, Menus = menus.Select(m => m.Id + m.Text).ToArray() }));
}
catch (Exception ex)
{
throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.BadRequest, ex.Message));
}
return Ok();
}
public IHttpActionResult DeleteUserMenu(UserMenuViewModel userMenu)
{
var user = db.Users.Find(userMenu.UserName);
if (user == null)
throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.NotFound, "不存在的使用者!"));
var menus = db.Menus.Where(item => item.Id == userMenu.MenuId || item.ParentId == userMenu.MenuId);
foreach (var item in menus)
{
user.Menus.Remove(item);
}
db.SaveChanges();
//寫入AccessLog
MPAccessLog.WriteEntry(User.Identity.Name, AccessAction.Delete, "UserMenu", JsonConvert.SerializeObject(new { user.UserName, Menus = menus.Select(m => m.Id + m.Text).ToArray() }));
return Ok();
}