public async Task <ActionResult <ArticleView> > Update(long id, [FromBody] ArticleCreateView articleCreateView) { var owner = await CurrentUser(); var article = await Context.Articles .Include(a => a.Owner) .FirstOrDefaultAsync(a => a.Id == id); if (article == null) { return(NotFound()); } var authResult = await _authorizationService .AuthorizeAsync(User, article, Operations.Update); if (!authResult.Succeeded) { return(Unauthorized()); } article.Title = articleCreateView.Title; article.Content = articleCreateView.Content; await Context.SaveChangesAsync(); return(new ArticleView(article)); }
public async Task <ActionResult <ArticleView> > Create([FromBody] ArticleCreateView articleCreateView) { var owner = await CurrentUser(); var blog = await Context.Blogs .Where(b => b.Owner == owner) .FirstOrDefaultAsync(b => b.Id == articleCreateView.BlogId); if (blog == null) { return(NotFound()); } var article = new Article { Blog = blog, Content = articleCreateView.Content, Title = articleCreateView.Title, Owner = owner }; Context.Articles.Add(article); await Context.SaveChangesAsync(); return(Ok(new ArticleView(article))); }