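/// <summary>
/// Approves a transfer request on behalf of the signed-in user: debits the
/// approver, credits the requesting account, and marks the request approved.
/// </summary>
/// <param name="transferNumber">Wrapper carrying the id of the request to approve.</param>
/// <returns>
/// 200 on success; 400 for a missing id, a request to the caller's own account,
/// a non-positive amount or insufficient funds; 404 when the transfer or an
/// account cannot be found; 500 when a DAO update reports failure.
/// </returns>
public ActionResult ApproveRequest(TransferNumber transferNumber)
{
    // Status id written by UpdateRequest when a request moves from "pending" to "approved".
    const int approvedStatusId = 2;

    if (transferNumber == null)
    {
        return BadRequest("A transfer id is required.");
    }

    // The payer is always resolved from the authenticated identity, never from the request body.
    int userId = userDAO.GetUser(User.Identity.Name).UserId;

    Account userAccount = accountDAO.GetAccountFromUserId(userId);
    if (userAccount == null)
    {
        return NotFound("Account not found.");
    }

    // Base data of the transfer: ids for types and accounts, no names.
    RawTransferData transfer = transferDAO.GetTransferFromId(transferNumber.TransferId);
    if (transfer == null)
    {
        return NotFound("Transfer request not found.");
    }

    // NOTE(review): nothing visible here confirms that this request was addressed to the
    // current user or that it is still pending. Confirm whether RawTransferData exposes the
    // payer account and the status, and reject otherwise, so a request cannot be approved
    // twice or by an unrelated account.

    // Prevents a user from approving a request they made themselves.
    if (transfer.AccountTo == userAccount.AccountId)
    {
        return BadRequest("You cannot approve a request to your own account.");
    }

    // A zero or negative amount would pass the balance check below and reverse the
    // direction of the money movement, so it is rejected before any balance is touched.
    decimal transferAmount = transfer.Amount;
    if (transferAmount <= 0)
    {
        return BadRequest("Invalid transfer amount.");
    }

    Account recipientAccount = accountDAO.GetAccountFromAccountNumber(transfer.AccountTo);
    if (recipientAccount == null)
    {
        return NotFound("Recipient account not found.");
    }

    // The approver must be able to cover the full amount.
    if (userAccount.Balance < transferAmount)
    {
        return BadRequest("Insufficient funds.");
    }

    // NOTE(review): the balance check, the debit, the credit and the status update are
    // separate DAO calls. Unless the DAO layer runs them in one database transaction, a
    // failure after the debit leaves the funds withdrawn but not delivered, and concurrent
    // approvals can both pass the balance check. Confirm against the DAO implementation.
    bool debited = transferDAO.ReduceBalance(transferAmount, userId);
    if (!debited)
    {
        return StatusCode(500, "Unable to withdraw funds / server issue.");
    }

    bool credited = transferDAO.IncreaseBalance(transferAmount, recipientAccount.UserId);
    if (!credited)
    {
        return StatusCode(500, "Unable to add funds / server issue.");
    }

    bool statusUpdated = transferDAO.UpdateRequest(transferNumber.TransferId, approvedStatusId);
    if (!statusUpdated)
    {
        return StatusCode(500, "Unable to record transaction / server issue.");
    }

    return Ok("Request Approved, transfer successful.");
}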