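/// <summary>
/// Creates an author record for the user identified by <c>author.UserId</c>.
/// </summary>
/// <param name="author">Author data bound from the request body.</param>
/// <returns>
/// 400 when the body is missing or an author with the same UserId already exists;
/// 200 with an explanatory message when the caller is neither the named user nor an
/// administrator; an empty 200 once the record has been saved.
/// </returns>
/// <remarks>
/// The caller may create a record for their own user id; members of the
/// "Администратор" (administrator) role may create one for any user, which matches
/// the rule applied by the update endpoint for this model.
/// NOTE(review): no [Authorize] attribute is visible in this excerpt. If the action is
/// reachable anonymously, GetUserId() may be null and a body with a null UserId would
/// pass the self-check - confirm authentication is enforced at controller level.
/// </remarks>
public async Task<IHttpActionResult> Post([FromBody] AuthorModels author)
{
    // A missing or unparseable body binds to null; answer 400 instead of failing
    // with a NullReferenceException on the first property access.
    if (author == null)
    {
        return BadRequest();
    }

    var requestedUserId = author.UserId;
    bool isSelf = requestedUserId == User.Identity.GetUserId();
    bool isAdmin = User.IsInRole("Администратор");

    // Deny only when the caller is neither the target user nor an administrator.
    // The previous condition (differs || isAdmin) rejected every administrator,
    // including one creating a record for their own account.
    if (!isSelf && !isAdmin)
    {
        // NOTE(review): the denial is reported as 200 OK with a text body, so clients
        // and access logs cannot tell it apart from success by status code.
        // Consider 403 once API consumers are checked.
        return Ok("Вы не можете сделать другого человека автором");
    }

    using (ApplicationDbContext db = new ApplicationDbContext())
    {
        // Ask the store whether the user already has a record instead of loading the
        // whole table into memory and scanning it per request.
        // NOTE(review): check-then-insert is not atomic; two concurrent requests can
        // both pass. A unique index on UserId would enforce this at the database.
        bool alreadyExists = db.Author.Any(existing => existing.UserId == requestedUserId);
        if (alreadyExists)
        {
            return BadRequest("Автор с таким UserId уже существует");
        }

        // Copy the permitted fields onto a fresh entity rather than attaching the
        // bound object, so client-supplied values for other properties are not persisted.
        db.Author.Add(new AuthorModels
        {
            Position = author.Position,
            AcademicTitle = author.AcademicTitle,
            AcademicDegree = author.AcademicDegree,
            AffiliatedOrganization = author.AffiliatedOrganization,
            UserId = requestedUserId
        });
        await db.SaveChangesAsync();
    }

    return Ok();
}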
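/// <summary>
/// Persists a new author through <c>AuthorRepository</c> and redirects to the Index action.
/// </summary>
/// <param name="author">Author model bound from the submitted request.</param>
/// <returns>
/// A redirect to "Index" on success; the default view when the repository call throws.
/// </returns>
/// <remarks>
/// NOTE(review): the bound model is handed to the repository unchanged, so every
/// bindable property (UserId included) is taken from the request. No ownership or role
/// check is visible here, unlike the API endpoint for the same model. Confirm that
/// authorization and anti-forgery attributes are applied on the action or controller,
/// and consider binding to a view model that exposes only the editable fields.
/// </remarks>
public ActionResult Create(AuthorModels author)
{
    try
    {
        using (var repo = new AuthorRepository())
        {
            repo.Create(author);
        }

        return RedirectToAction("Index");
    }
    catch (System.Exception ex)
    {
        // The failure used to be discarded silently, leaving no record of validation,
        // database or permission errors. Record it server-side; the response is unchanged.
        System.Diagnostics.Trace.TraceError("Author Create failed: {0}", ex);
        return View();
    }
}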
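/// <summary>
/// Updates an existing author through <c>AuthorRepository</c> and redirects to the Index action.
/// </summary>
/// <param name="id">Identifier of the author being edited, taken from the request.</param>
/// <param name="editAuthor">Author model bound from the submitted request.</param>
/// <returns>
/// A redirect to "Index" on success; the default view when the identifiers disagree
/// or the repository call throws.
/// </returns>
/// <remarks>
/// NOTE(review): no ownership or role check is visible here, so any caller who can
/// reach the action can edit any author. Confirm that authorization and anti-forgery
/// attributes are applied on the action or controller, and that the repository (not
/// shown) does not persist a client-supplied UserId.
/// </remarks>
public ActionResult Edit(int id, AuthorModels editAuthor)
{
    // The id parameter was previously ignored, so the record actually changed was
    // whichever one the posted model named. Require both to agree, as the API update
    // endpoint for this model does.
    if (editAuthor == null || id != editAuthor.Id)
    {
        System.Diagnostics.Trace.TraceWarning("Author Edit rejected: request id {0} does not match the posted model", id);
        return View();
    }

    try
    {
        using (var repo = new AuthorRepository())
        {
            repo.Edit(editAuthor);
        }

        return RedirectToAction("Index");
    }
    catch (System.Exception ex)
    {
        // The failure used to be discarded silently; record it server-side and keep
        // the same response.
        System.Diagnostics.Trace.TraceError("Author Edit failed for id {0}: {1}", id, ex);
        return View();
    }
}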
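/// <summary>
/// Updates the author record identified by <paramref name="id"/> with the values in the request body.
/// </summary>
/// <param name="id">Identifier of the author to update.</param>
/// <param name="newAuthor">Replacement values bound from the request body.</param>
/// <returns>
/// 400 when the body is missing or its Id differs from <paramref name="id"/>; 404 when
/// no such author exists; 200 with an explanatory message when the caller may not
/// modify the record; an empty 200 once the change has been saved.
/// </returns>
/// <remarks>
/// Authorization is decided from the stored record's UserId. The previous version
/// trusted the UserId in the request body and then attached the whole body as a
/// modified entity, so a caller could overwrite another user's author record by
/// putting their own user id in the body. Members of the "Администратор"
/// (administrator) role may still update any record.
/// </remarks>
public async Task<IHttpActionResult> Put(int id, [FromBody] AuthorModels newAuthor)
{
    // A missing body binds to null; treat it like an identifier mismatch.
    if (newAuthor == null || id != newAuthor.Id)
    {
        return BadRequest();
    }

    var currentUserId = User.Identity.GetUserId();
    bool isAdmin = User.IsInRole("Администратор");

    using (ApplicationDbContext db = new ApplicationDbContext())
    {
        // Load the persisted row so the ownership decision is based on server-side data.
        // Assumes Id is the entity key - TODO confirm against the model mapping.
        var stored = await db.Author.FindAsync(id);
        if (stored == null)
        {
            return NotFound();
        }

        // A non-administrator must own the stored record and must not reassign it:
        // the body's UserId has to stay equal to the caller's id, as before.
        bool ownsRecord = stored.UserId == currentUserId && newAuthor.UserId == currentUserId;
        if (!ownsRecord && !isAdmin)
        {
            // NOTE(review): the denial is reported as 200 OK with a text body, so clients
            // and access logs cannot tell it apart from success by status code.
            // Consider 403 once API consumers are checked.
            return Ok("У вас нет доступа к изменению автора");
        }

        // Copy the scalar values from the body onto the tracked entity; the final stored
        // values match what attaching the body as Modified produced.
        db.Entry(stored).CurrentValues.SetValues(newAuthor);
        await db.SaveChangesAsync();
    }

    return Ok();
}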