public IHttpActionResult AddPost(AddNewPostBindingModel bindingModel)
{
if (bindingModel == null)
{
return(this.BadRequest("Invalid data!"));
}
if (!this.ModelState.IsValid)
{
return(this.BadRequest(this.ModelState));
}
var existingWallOwner = this.Data
.Users
.All()
.FirstOrDefault(u => u.UserName == bindingModel.Username);
if (existingWallOwner == null)
{
return(this.BadRequest("No such user!"));
}
var currentUserId = this.UserIdProvider.GetUserId();
var currentUser = this.Data.Users.Find(currentUserId);
if ((!currentUser.Friends.Contains(existingWallOwner)) && (currentUserId != existingWallOwner.Id))
{
return(this.BadRequest("You have no permissions to make this post."));
}
var post = new Post
{
Content = bindingModel.PostContent,
PostedOn = DateTime.Now,
AuthorId = currentUserId,
WallOwnerId = existingWallOwner.Id
};
this.Data.Posts.Add(post);
this.Data.SaveChanges();
AddPostViewModel postViewModel = AddPostViewModel.ConvertTo(post, currentUser);
return(this.Ok(postViewModel));
}
public IHttpActionResult AddPost(AddNewPostBindingModel bindingModel)
{
if (bindingModel == null)
{
return this.BadRequest("Invalid data!");
}
if (!this.ModelState.IsValid)
{
return this.BadRequest(this.ModelState);
}
var existingWallOwner = this.Data
.Users
.All()
.FirstOrDefault(u => u.UserName == bindingModel.Username);
if (existingWallOwner == null)
{
return this.BadRequest("No such user!");
}
var currentUserId = this.UserIdProvider.GetUserId();
var currentUser = this.Data.Users.Find(currentUserId);
if ((!currentUser.Friends.Contains(existingWallOwner)) && (currentUserId != existingWallOwner.Id))
{
return this.BadRequest("You have no permissions to make this post.");
}
var post = new Post
{
Content = bindingModel.PostContent,
PostedOn = DateTime.Now,
AuthorId = currentUserId,
WallOwnerId = existingWallOwner.Id
};
this.Data.Posts.Add(post);
this.Data.SaveChanges();
AddPostViewModel postViewModel = AddPostViewModel.ConvertTo(post, currentUser);
return this.Ok(postViewModel);
}
