public IHttpActionResult DeleteInventoryQuota(int id, int UILoginUserID, string UILoginPassword, int SiteID) { if (!Global.CheckUserIDAndPasswordWithSiteID(db, UILoginUserID, UILoginPassword, SiteID, "DeleteInventoryQuota")) { return(BadRequest()); } InventoryQuota inventoryQuota = db.InventoryQuotas.Find(id); if (inventoryQuota == null) { return(NotFound()); } if (inventoryQuota.SiteID != SiteID) { return(BadRequest()); } User user = db.Users.Find(UILoginUserID); if (user == null) { return(BadRequest()); } if (!user.IsRootUser && !user.IsSiteAdmin && inventoryQuota.EntryByUserID != user.ID) { return(BadRequest()); } db.InventoryQuotas.Remove(inventoryQuota); db.SaveChanges(); return(Ok(inventoryQuota)); }
public IHttpActionResult PutInventoryQuota(int id, InventoryQuota inventoryQuota) { if (!Global.CheckUserIDAndPasswordWithSiteID(db, inventoryQuota.UILoginUserID, inventoryQuota.UILoginPassword, inventoryQuota.SiteID, "PutInventoryQuota")) { return(BadRequest()); } if (!ModelState.IsValid) { return(BadRequest(ModelState)); } if (id != inventoryQuota.ID) { return(BadRequest()); } InventoryQuota i = db.InventoryQuotas.AsNoTracking().SingleOrDefault(p => p.ID == id); if (i == null) { return(NotFound()); } if (i.SiteID != inventoryQuota.SiteID) { return(BadRequest()); } User user = db.Users.Find(inventoryQuota.UILoginUserID); if (!user.IsRootUser && !user.IsSiteAdmin && i.EntryByUserID != user.ID) { return(BadRequest()); } db.Entry(inventoryQuota).State = EntityState.Modified; try { db.SaveChanges(); } catch (DbUpdateConcurrencyException) { if (!InventoryQuotaExists(id)) { return(NotFound()); } else { throw; } } return(StatusCode(HttpStatusCode.NoContent)); }
public IHttpActionResult PostInventoryQuota(InventoryQuota inventoryQuota) { if (!Global.CheckUserIDAndPasswordWithSiteID(db, inventoryQuota.UILoginUserID, inventoryQuota.UILoginPassword, inventoryQuota.SiteID, "PostInventoryQuota")) { return(BadRequest()); } if (!ModelState.IsValid) { return(BadRequest(ModelState)); } db.InventoryQuotas.Add(inventoryQuota); db.SaveChanges(); return(CreatedAtRoute("DefaultApi", new { id = inventoryQuota.ID }, inventoryQuota)); }