public async Task <IActionResult> PutUser(int id, User user)
{
if (id != user.Id)
{
return(BadRequest());
}
_context.Entry(user).State = EntityState.Modified;
try
{
await _context.SaveChangesAsync();
}
catch (DbUpdateConcurrencyException)
{
if (!UserExists(id))
{
return(NotFound());
}
else
{
throw;
}
}
return(NoContent());
}
private void LoadChildrenRecursive(SecurableItem securableItem)
{
AuthorizationDbContext.Entry(securableItem)
.Collection(s => s.SecurableItems)
.Load();
foreach (var childSecurableItem in securableItem.SecurableItems)
{
LoadChildrenRecursive(childSecurableItem);
}
}
private void LoadChildrenRecursive(SecurableItem securableItem)
{
if (securableItem.IsDeleted)
{
return;
}
AuthorizationDbContext.Entry(securableItem)
.Collection(s => s.SecurableItems)
.Load();
foreach (var childSecurableItem in securableItem.SecurableItems.Where(p => !p.IsDeleted))
{
LoadChildrenRecursive(childSecurableItem);
}
}
public IActionResult Delete(String eventId)
{
int id = int.Parse(eventId);
Event e = DbContext
.Events
.Include(e => e.Creator)
.Where(e => e.EventId == id)
.FirstOrDefault();
if (e == null)
{
return(NotFound(
new CRUDResponse
{
IsSuccess = false,
Message = "Event with ID " + eventId + " was not found"
}));
}
DbContext.Entry(e).Reference(p => p.Creator).Load();
var currentUser = GetCurrentUser();
if (
// creator of this event has been deleted from the db
e.Creator == null
// user which is trying to deleted the event does not have permissions
|| e.Creator.Id != currentUser.Id)
{
return(Unauthorized(
new CRUDResponse
{
IsSuccess = false,
Message = "You do not have permissions to delete event with id " + eventId
}));
}
DbContext.Events.Remove(e);
DbContext.SaveChanges();
return(Ok(new CRUDResponse
{
IsSuccess = true,
Message = "Event has been deleted"
}));
}
