public async Task EditLotAsync_EditExistingLot_LotUpdated()
        {
            var newLot = new LotDTO()
            {
                BeginDate    = DateTime.Now,
                EndDate      = DateTime.Now.AddDays(2),
                InitialPrice = 10,
                Name         = "Lot 3",
                LotId        = 2,
                UserName     = "******",
                Category     = new CategoryDTO()
                {
                    CategoryId = 1
                }
            };
            var oldLot = new Lot()
            {
                BeginDate    = DateTime.Now.AddDays(5),
                EndDate      = DateTime.Now.AddDays(10),
                InitialPrice = 10,
                Name         = "Lot 3",
                LotId        = 2,
                UserId       = 1,
                CategoryId   = 1
            };

            _mockUnitWork.Setup(x => x.Lots.GetAsync(oldLot.LotId)).ReturnsAsync(oldLot);
            _mockUnitWork.Setup(x => x.Categories.GetAsync(newLot.Category.CategoryId)).ReturnsAsync(new Category());
            _mockUnitWork.Setup(x => x.Lots.Update(It.IsAny <Lot>()));

            await _service.EditLotAsync(newLot);

            _mockUnitWork.Verify(x => x.Lots.Update(It.IsAny <Lot>()));
        }
        public async Task <IHttpActionResult> EditLotAsync(int id, LotDTO lot)
        {
            if (!ModelState.IsValid)
            {
                return(BadRequest(ModelState));
            }
            var oldLot = await _lotsService.GetLotAsync(id);

            if (oldLot == null)
            {
                return(NotFound());
            }
            // Not admin user can edit only his own lot.
            if (!User.IsInRole("Admin") && oldLot.UserName != User.Identity.Name)
            {
                return(ResponseMessage(new HttpResponseMessage(HttpStatusCode.Forbidden)));
            }
            lot.LotId = id;
            await _lotsService.EditLotAsync(lot);

            return(Ok());
        }