public ActionResult ApproveRequest(TransferNumber transferNumber)
{
//gets user id for current user
int userId = userDAO.GetUser(User.Identity.Name).UserId;
//gets account from current user's id
Account userAccount = accountDAO.GetAccountFromUserId(userId);
//gets balance for current user's account
decimal accountBalance = userAccount.Balance;
//creates transfer object for base data of transfer i.e. just ids for types, accounts, no names
RawTransferData transfer = transferDAO.GetTransferFromId(transferNumber.TransferId);
//gets amount of transfer from transfer object
decimal transferAmount = transfer.Amount;
//gets account for recipient from account number
Account recipientAccount = accountDAO.GetAccountFromAccountNumber(transfer.AccountTo);
//checks to prevent user from approving request they made
if (transfer.AccountTo == userAccount.AccountId)
{
return(BadRequest("You cannot approve a request to your own account."));
}
//checks to make sure person approving has enough money in account to send
if (accountBalance >= transferAmount)
{
bool reduceSuccess = transferDAO.ReduceBalance(transferAmount, userId);
if (!reduceSuccess)
{
return(StatusCode(500, "Unable to withdraw funds / server issue."));
}
bool increaseSuccess = transferDAO.IncreaseBalance(transferAmount, recipientAccount.UserId);
if (!increaseSuccess)
{
return(StatusCode(500, "Unable to add funds / server issue."));
}
//updates transfer status from "pending" to "approved"
bool createTransferSuccess = transferDAO.UpdateRequest(transferNumber.TransferId, 2);
if (!createTransferSuccess)
{
return(StatusCode(500, "Unable to record transaction / server issue."));
}
//if successful, returns status 200 to client w/ message
return(Ok("Request Approved, transfer successful."));
}
else
{
return(BadRequest("Insufficient funds."));
}
}
