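/// <summary>
/// Creates a membership record for a user in a group, or moves an existing record
/// from status 0 to status 1 when the caller is the user that record belongs to.
/// </summary>
/// <param name="Authentication">Session token taken from the <c>Authentication</c> request header.</param>
/// <param name="userId">Id of the user, taken from the query string; must parse as an integer.</param>
/// <param name="groupId">Id of the group, taken from the query string; must parse as an integer.</param>
/// <returns>
/// 401 when the session is not authorized or has no session info; 400 ("Bad id") when either
/// id does not parse; 200 with the membership when a record was created or updated; 200 with
/// no body when an existing record was left unchanged.
/// </returns>
public async Task<ActionResult> Add([FromHeader] string Authentication, [FromQuery] string userId, [FromQuery] string groupId)
{
    if (SessionManager.GetSessionState(Authentication) != SessionManager.SessionState.Authorized)
    {
        return Unauthorized();
    }

    SessionInfo sessionInfo = SessionManager.GetSessionInfo(Authentication);
    if (sessionInfo == null)
    {
        return Unauthorized();
    }

    int userIdInt = 0;
    int groupIdInt = 0;

    // Each id is parsed from its own parameter. Parsing userId into both integers would make
    // the lookup and the insert act on the group whose id equals the user id, not on the
    // group the caller named.
    if (!int.TryParse(userId, out userIdInt) || !int.TryParse(groupId, out groupIdInt))
    {
        return BadRequest("Bad id");
    }

    using (UnitOfWork uow = new UnitOfWork())
    {
        MembershipRepository membershipRepo = new MembershipRepository(uow);
        MembershipDTO membership = await membershipRepo.GetByUserAndGroupId(userIdInt, groupIdInt);

        if (membership == null)
        {
            // NOTE(review): any authorized session can create a status-0 record for any
            // user/group pair; the caller's own relation to the group is not checked here.
            // Confirm whether that is enforced elsewhere or needs a check in this action.
            membership = new MembershipDTO
            {
                UserId = userIdInt,
                GroupId = groupIdInt,
                Status = 0
            };
            membership.Id = await membershipRepo.Add(membership);
        }
        else if (membership.Status == 0 && userIdInt == sessionInfo.UserId)
        {
            // Only the user named in the record may move it from status 0 to status 1
            // (presumably pending -> accepted; confirm against the status definitions).
            membership.Status = 1;
            await membershipRepo.Update(membership);
        }
        else
        {
            // Existing record that the caller may not advance: report success, change nothing.
            return Ok();
        }

        uow.Commit();
        return Ok(membership);
    }
}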
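/// <summary>
/// Removes the membership record of a user in a group, unless that record has status 3.
/// </summary>
/// <param name="Authentication">Session token taken from the <c>Authentication</c> request header.</param>
/// <param name="userId">Id of the user, taken from the query string; must parse as an integer.</param>
/// <param name="groupId">Id of the group, taken from the query string; must parse as an integer.</param>
/// <returns>
/// 401 when the session is not authorized or has no session info; 400 ("Bad id") when either
/// id does not parse; 404 when no membership exists for the pair; 400 ("cannot delete the
/// owner") when the record has status 3; 200 once the record is removed.
/// </returns>
public async Task<ActionResult> Delete([FromHeader] string Authentication, [FromQuery] string userId, [FromQuery] string groupId)
{
    if (SessionManager.GetSessionState(Authentication) != SessionManager.SessionState.Authorized)
    {
        return Unauthorized();
    }

    SessionInfo sessionInfo = SessionManager.GetSessionInfo(Authentication);
    if (sessionInfo == null)
    {
        return Unauthorized();
    }

    int userIdInt = 0;
    int groupIdInt = 0;

    // Each id is parsed from its own parameter. Parsing userId into both integers would make
    // the removal target the group whose id equals the user id, not the group the caller named.
    if (!int.TryParse(userId, out userIdInt) || !int.TryParse(groupId, out groupIdInt))
    {
        return BadRequest("Bad id");
    }

    // NOTE(review): sessionInfo is only null-checked. Nothing below compares
    // sessionInfo.UserId with the target user or with the group's owner, so any authorized
    // session can remove any non-owner membership. Confirm the intended rule (self-removal
    // only, or owner/admin removal) and enforce it before the Remove call.
    using (UnitOfWork uow = new UnitOfWork())
    {
        MembershipRepository membershipsRepo = new MembershipRepository(uow);
        MembershipDTO membership = await membershipsRepo.GetByUserAndGroupId(userIdInt, groupIdInt);

        // Without this guard a missing record is dereferenced below and the request ends in
        // an unhandled NullReferenceException instead of a client error.
        if (membership == null)
        {
            return NotFound();
        }

        // Status 3 marks the owner record, going by the error text returned here.
        if (membership.Status == 3)
        {
            return BadRequest("cannot delete the owner");
        }

        await membershipsRepo.Remove(membership.Id);
        uow.Commit();
        return Ok();
    }
}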