public async Task <ActionResult <SetTemplateDTO> > PostSetTemplate(SetTemplate setTemplate) { var workout = await _context.WorkoutTemplates.FindAsync(setTemplate.WorkoutTemplateId); if (workout == null) { return(BadRequest()); } var person = await _context.People.FindAsync(workout.PersonId); var exercise = await _context.Exercises.FindAsync(setTemplate.ExerciseId); if (exercise == null) { return(BadRequest()); } var person2 = await _context.People.FindAsync(exercise.PersonId); var authResult = await _authorisationService.AuthorizeAsync(User, person, "SamePerson"); var authResult2 = await _authorisationService.AuthorizeAsync(User, person2, "SamePerson"); if ((!authResult.Succeeded) || (!authResult2.Succeeded)) { return(new ForbidResult()); } _context.SetTemplates.Add(setTemplate); await _context.SaveChangesAsync(); var dto = _mapper.Map <SetTemplateDTO>(setTemplate); return(CreatedAtAction("GetSetTemplate", new { id = setTemplate.Id }, dto)); }
public async Task <IActionResult> PutSetTemplate(long id, SetTemplate setTemplate) { if (id != setTemplate.Id) { return(BadRequest()); } var workout = await _context.WorkoutTemplates.FindAsync(setTemplate.WorkoutTemplateId); if (workout == null) { return(BadRequest()); } var person = await _context.People.FindAsync(workout.PersonId); var exercise = await _context.Exercises.FindAsync(setTemplate.ExerciseId); if (exercise == null) { return(BadRequest()); } var person2 = await _context.People.FindAsync(exercise.PersonId); var authResult = await _authorisationService.AuthorizeAsync(User, person, "SamePerson"); var authResult2 = await _authorisationService.AuthorizeAsync(User, person2, "SamePerson"); if ((!authResult.Succeeded) || (!authResult2.Succeeded)) { return(new ForbidResult()); } _context.Entry(setTemplate).State = EntityState.Modified; try { await _context.SaveChangesAsync(); } catch (DbUpdateConcurrencyException) { if (!SetTemplateExists(id)) { return(NotFound()); } else { throw; } } return(NoContent()); }