public static int CreateAnswer(this DatabaseManager database, TicketAnswer answer) { string sql = "INSERT INTO dbo.TicketAnswers (TicketId, Content, AuthorId, LastUpdate, CreateDate) OUTPUT INSERTED.AnswerId " + "VALUES (@TicketId, @Content, @AuthorId, @LastUpdate, @CreateDate);"; using (var conn = database.connection) { return(conn.ExecuteScalar <int>(sql, answer)); } }
public TicketAnswer CreateAnswer([FromBody] TicketAnswer answer) { var steamId = User.FindFirst(x => x.Type == ClaimTypes.Name).Value; if (!(User.IsInRole("Moderator") || User.IsInRole("Admin"))) { var ticket = database.GetTicket(answer.TicketId); if (!(ticket.AuthorId == steamId || ticket.Answers.Exists(x => x.AuthorId == steamId))) { return(null); } } answer.AuthorId = steamId; answer.LastUpdate = DateTime.Now; answer.CreateDate = DateTime.Now; answer.AnswerId = database.CreateAnswer(answer); answer.Author = database.GetPlayer(steamId); return(answer); }