//public string Dalyreminder { get; set; } //public string Monthlyreminder { get; set; } /// <summary> /// Checks if user is owner of index card box /// </summary> /// <param name="pIndexCard"></param> /// <param name="pCurrentUser"></param> /// <param name="pContext"></param> /// <returns></returns> public static bool UserIsOwnerOfIndexCardBox(int pIndexCardBoxId, IUser pCurrentUser, MemosportContext pContext) { var lResult = true; var lIndexCardBox = pContext.IndexCardBoxes.SingleOrDefault(x => x.Id == pIndexCardBoxId); if (lIndexCardBox == null) { lResult = false; } else { lResult = lIndexCardBox.UserId == pCurrentUser.Id; // detach pContext.Entry(lIndexCardBox).State = EntityState.Detached; } return(lResult); }
public async Task <IActionResult> Index(int id, [FromForm] IndexCard indexcard) { IIndexCard lIndexCard = indexcard; if (id != lIndexCard.Id) { return(BadRequest()); } // check if user is owner of the index card if (UserIsOwnerOfIndexCard(lIndexCard) == false) { return(Forbid()); } // check inconsistency by change date. Change-Date in PUT-Request should match the change date in the database // currently not working because PUT converts datetime in payload to Local time //var lIndexCardInDB = _context.IndexCards.SingleOrDefault(x => x.Id == id); //if (lIndexCardInDB == null || lIndexCardInDB.Modified != indexcard.Modified) //{ // return Conflict(); // returns an 409 conflic because of inconsistency //} // save uploaded files lIndexCard = await HandleUploadedFiles(lIndexCard); // set datelastlearned in box when user has learned the index card (Indicator: user has pushed buttons known/unknown) SetDateLastLearned(lIndexCard); // set modified date lIndexCard.Modified = DateTime.UtcNow; // set save _context.Entry(lIndexCard).State = EntityState.Modified; _context.Entry(lIndexCard).Property(x => x.Created).IsModified = false; // do not modify create date. The create date is an constant value. _context.SaveChanges(); // cleanup the indexcard response object lIndexCard = CleanupIndexCardResponse(lIndexCard); return(Json(lIndexCard)); }
public async Task <IActionResult> Index(int id, IndexCardBox indexcardbox) { var lIndexCardBox = indexcardbox; if (id != lIndexCardBox.Id) { return(BadRequest()); } // check if user is owner of the index card if (IndexCardBox.UserIsOwnerOfIndexCardBox(id, base.GetCurrentUser(_context), _context) == false) { return(Forbid()); } // set modified date lIndexCardBox.Modified = DateTime.UtcNow; // set save _context.Entry(lIndexCardBox).State = EntityState.Modified; _context.SaveChanges(); return(Json(lIndexCardBox)); }