/// <summary>
/// Updates an existing post with the values carried by <paramref name="postEditDTO"/>.
/// </summary>
/// <param name="id">Id of the post to edit, as supplied with the request.</param>
/// <param name="postEditDTO">Edited values; its <c>Id</c> must equal <paramref name="id"/>.</param>
/// <returns>
/// 400 when the two ids disagree, 404 when the post does not exist (or vanished before
/// the save), 401 when no account could be resolved or the resolved account is not the
/// post's <c>AppUser</c>, and 204 once the change has been saved.
/// </returns>
/// <remarks>
/// NOTE(review): the existence lookup runs before the caller is identified, so the
/// 404 / 401 split tells any caller whether a given post id exists. Confirm that is acceptable.
/// NOTE(review): a caller who is identified but is not the owner receives 401; 403 is the
/// conventional status for that case. Left as-is here to keep the response contract unchanged.
/// </remarks>
public async Task<IActionResult> PutPost(Guid id, PostEditDTO postEditDTO)
{
    // The id in the request and the id inside the payload must name the same post.
    if (id != postEditDTO.Id)
    {
        return BadRequest("Post id in request does not match the id of Post to be edited");
    }

    var existingPost = await _context.Posts.FindAsync(id);
    if (existingPost == null)
    {
        return NotFound("Post to be edited does not exist");
    }

    // Resolve the caller from the JWT token, or fall back to the Guest User account.
    // NOTE(review): if guest posts are all owned by one shared guest account, the ownership
    // check below would let any guest edit any guest post - confirm how guests are modelled.
    var currentUser = await GetUserFromTokenOrDefault();
    if (currentUser == null)
    {
        // No AppUser account could be assigned to this request.
        return Unauthorized("Account could not be located.");
    }

    // Ownership check: only the post's AppUser may edit it.
    // NOTE(review): this compares the two AppUser objects with !=, which is a reference
    // comparison unless AppUser overloads the operator; it presumably relies on both being
    // the same tracked instance in _context. Comparing key values would be less fragile - confirm.
    if (existingPost.AppUser != currentUser)
    {
        return Unauthorized("User does not have permission to edit.");
    }

    // NOTE(review): which Post members the mapper overwrites is decided by the mapping
    // configuration, which is not shown here; verify it cannot overwrite ownership fields.
    _mapper.Map<PostEditDTO, Post>(postEditDTO, existingPost);
    _context.Entry(existingPost).State = EntityState.Modified;

    try
    {
        await _context.SaveChangesAsync();
    }
    catch (DbUpdateConcurrencyException)
    {
        // A concurrency failure on a post that no longer exists is reported as 404;
        // any other concurrency failure is rethrown unchanged.
        if (!await PostExists(id))
        {
            return NotFound();
        }

        throw;
    }

    return NoContent();
}
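/// <summary>
/// Edits a post.
/// The method is used in the admin area where the posts are managed.
/// The "edit" button takes the user to /admin/posts/edit/id
/// </summary>
/// <param name="data">Edited values; <c>data.Id</c> selects the post to update.</param>
/// <exception cref="System.ArgumentNullException"><paramref name="data"/> is null.</exception>
/// <exception cref="System.InvalidOperationException">No post with <c>data.Id</c> exists.</exception>
/// <remarks>
/// NOTE(review): this method performs no authorization check of its own; it presumably
/// relies on the admin area restricting who can reach it. Confirm every caller enforces that.
/// </remarks>
public void EditPost(PostEditDTO data)
{
    if (data == null)
    {
        throw new System.ArgumentNullException(nameof(data));
    }

    // NOTE(review): this disposes the DbContext member when the block exits; confirm the
    // member yields a fresh context per use, otherwise later calls hit a disposed context.
    using (DbContext)
    {
        var postToEdit = DbContext.Posts.FirstOrDefault(e => e.Id == data.Id);

        // FirstOrDefault yields null for an unknown id; fail with a clear error instead of
        // a NullReferenceException on the first property assignment.
        if (postToEdit == null)
        {
            throw new System.InvalidOperationException("Post to be edited does not exist");
        }

        // Only these four fields are copied from the DTO onto the entity.
        postToEdit.Description = data.Description;
        postToEdit.CategoryId = data.CategoryId;
        postToEdit.TagId = data.TagId;
        postToEdit.Title = data.Title;

        DbContext.SaveChanges();
    }
}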