public IActionResult EditDebt([FromBody] DebtEditDto debtDto)
{
try
{
_debtsService.Update(debtDto);
return(Ok());
}
catch (NotFoundException)
{
return(NotFound());
}
catch (ForbiddenException)
{
return(Forbid());
}
}
public void Update(DebtEditDto debtDto)
{
var debt = _context.Debts.Find(debtDto.Id);
var userId = Convert.ToInt32(_httpContextAccessor.HttpContext.User.FindFirst(ClaimTypes.NameIdentifier)?.Value);
if (debt == null)
{
throw new NotFoundException();
}
bool isAccessAllow = userId == debt.GiverId || userId == debt.TakerId;
if (!isAccessAllow)
{
throw new ForbiddenException();
}
debt.Sum = debtDto.Sum;
debt.Deadline = debtDto.Deadline;
debt.Description = debtDto.Description;
_context.SaveChanges();
}
