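/// <summary>
/// Updates an existing user record from the view data posted in the request body.
/// </summary>
/// <param name="item">User view data bound from the request body; every field is client-controlled.</param>
/// <returns>
/// <c>Unauthorized</c> when the body is missing or the target row is not in the set the caller
/// may edit; otherwise <c>Ok</c> once the change has been saved.
/// </returns>
public IActionResult Update([FromBody] UserViewData item)
{
    // Reject a missing body before item.Id is dereferenced; with the null check placed after
    // the row lookup, a null body would raise a NullReferenceException instead of this response.
    if (item == null)
    {
        return Unauthorized();
    }

    var session = HttpContext.Get<LoggableEntities>(_context);
    var current_User = session?.User;

    // Row-level scope: an API-token caller may touch any user, a logged-in user only their own row.
    // NOTE(review): a caller with neither a valid API token nor a session user falls through to the
    // unrestricted set, and session.Admin is never consulted. Confirm that anonymous requests are
    // rejected before this action runs (e.g. by an authorization filter); if they are not, the
    // fallback branch should deny rather than allow.
    var allowed_items = ApiTokenValid
        ? _context.User
        : (current_User != null
            ? (from _User in _context.User where _User.Id == current_User.Id select _User)
            : _context.User);

    if (!allowed_items.Any(i => i.Id == item.Id))
    {
        return Unauthorized();
    }

    // NOTE(review): there is no token-based gate beyond the row scope above; the previous
    // `ApiTokenValid || true` condition was always true and never rejected a request.

    var new_item = UserViewData.FromUserViewData(item, _context);

    // Update() marks every property as modified, so each column that must not be writable from
    // the request body has to be excluded explicitly.
    // NOTE(review): check the entity for other sensitive columns that need the same exclusion.
    _context.Update(new_item);
    _context.Entry(new_item).Property(x => x.Username).IsModified = false;
    _context.Entry(new_item).Property(x => x.Email).IsModified = false;
    _context.Entry(new_item).Property(x => x.CreatedDate).IsModified = false;
    _context.SaveChanges();

    // Refresh the session copy only after the save succeeded, so a failed update cannot leave the
    // session out of step with the database.
    // NOTE(review): new_item may still carry the request's Username/Email, which were deliberately
    // not persisted; confirm FromUserViewData restores the stored values, otherwise reload the
    // entity before caching it in the session.
    if (current_User != null && new_item.Id == current_User.Id)
    {
        HttpContext.Set<LoggableEntities>(_context, new LoggableEntities() { User = new_item });
    }

    return Ok();
}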
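/// <summary>
/// Updates an existing American record from the entity posted in the request body.
/// </summary>
/// <param name="item">Entity bound directly from the request body; every field is client-controlled.</param>
/// <returns>
/// <c>Unauthorized</c> when the body is missing or no row with the posted Id exists;
/// otherwise <c>Ok</c> once the change has been saved.
/// </returns>
public IActionResult Update([FromBody] American item)
{
    // Reject a missing body before item.Id is dereferenced; with the null check placed after
    // the row lookup, a null body would raise a NullReferenceException instead of this response.
    if (item == null)
    {
        return Unauthorized();
    }

    // The session is loaded but not consulted by any check below.
    var session = HttpContext.Get<LoggableEntities>(_context);

    // NOTE(review): this is only an existence check. The lookup is the full table whether or not
    // the API token is valid, and the previous `ApiTokenValid || true` condition never rejected a
    // request, so this action itself applies no caller-based restriction. Confirm that is the
    // intended policy or that authorization is enforced before the action runs.
    if (!_context.American.Any(i => i.Id == item.Id))
    {
        return Unauthorized();
    }

    // Update() marks every property of the bound entity as modified; only CreatedDate is shielded.
    // NOTE(review): binding the entity straight from the body means any other column can be
    // overwritten by the client; exclude further properties here if some must stay server-owned.
    _context.Update(item);
    _context.Entry(item).Property(x => x.CreatedDate).IsModified = false;
    _context.SaveChanges();

    return Ok();
}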