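/// <summary>
/// Updates the user identified by <paramref name="email"/> with the values from the request body,
/// saves pictures by the body's FormId against that user, and returns the refreshed user.
/// </summary>
/// <param name="email">Email of the account to update, bound from the query string.</param>
/// <param name="putViewModel">New field values, bound from the request body.</param>
/// <returns>
/// 401 when the caller is neither PortalAdmin nor PortalManager and <paramref name="email"/> differs
/// from the caller's identity name; 400 when the request body is missing; 404 when no user has this
/// email; otherwise whatever Get returns for the updated user's email.
/// </returns>
public async Task<IHttpActionResult> Put([FromUri] string email, [FromBody] UserViewModelPut putViewModel)
{
    // Object-level authorization: only admins and managers may edit an account other than their own.
    // The self-edit test compares the identity name with the email from the URI, so it relies on
    // the identity name being the account email -- presumably set at sign-in; confirm.
    var isPrivileged = User.IsInRole("PortalAdmin") || User.IsInRole("PortalManager");
    if (!isPrivileged && User.Identity.Name != email)
    {
        // NOTE(review): the caller is already authenticated here, so Forbidden would describe the
        // refusal more precisely than Unauthorized. Status and message are kept as they were
        // because existing clients or tests may depend on them.
        return new ResponseMessageResult(new HttpResponseMessage(HttpStatusCode.Unauthorized)
        {
            Content = new StringContent("You cannot edit another users")
        });
    }

    // A missing body reaches this action as null; putViewModel.FormId is dereferenced below,
    // so reject it explicitly instead of failing with a NullReferenceException.
    if (putViewModel == null)
    {
        return new ResponseMessageResult(new HttpResponseMessage(HttpStatusCode.BadRequest)
        {
            Content = new StringContent("Request body is required")
        });
    }

    // NOTE(review): the check above decides WHICH account may be edited, not WHICH fields.
    // Everything the Mapper profile copies from the body is written to the entity. The view
    // model is populated with Role and Email by this project's tests, so if the profile maps
    // them, a user editing their own account could submit a different role. Confirm that the
    // mapping or UpdateAsync ignores Role/Email for non-privileged callers, or restore them
    // from the stored user before calling UpdateAsync.
    var userEntity = Mapper.Map<User>(putViewModel);

    // The target is resolved from the URI email, never from an id supplied in the body.
    var userId = (await _userOperations.GetAsync(email))?.Id;
    if (!userId.HasValue)
    {
        return this.Result404("User is not found");
    }

    userEntity.Id = userId.Value;
    userEntity = await _userOperations.UpdateAsync(userEntity);

    await _pictureOperations.SaveByFormIdAsync(putViewModel.FormId, userEntity.Id, LinkedObjectType.User);

    // Re-read through Get using the email on the entity returned by UpdateAsync.
    return await Get(userEntity.Email);
}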
/// <summary>
/// Negative authorization case: a RegisteredUser sends a PUT addressed to the email of the first
/// user in the context, authenticating with their own token.
/// </summary>
/// <remarks>
/// No assertion appears in this method, so the expected rejection is presumably signalled by
/// HttpPut throwing or by an attribute outside this view -- confirm. The payload keeps the target's
/// current Role, so this case does not cover a self-edit that submits a different Role.
/// </remarks>
public void HTTP_Put_AnotherUser_Test()
{
    var target = _context.Users.First();

    // Last of the first two RegisteredUser rows; the test relies on this being a different
    // account from the target -- depends on the seeded data, confirm.
    var registeredUsers = _context.Users
        .Where(u => u.Role == Role.RegisteredUser)
        .Take(2)
        .ToList();
    var caller = registeredUsers.Last();

    var marker = Guid.NewGuid().ToString();

    var payload = new UserViewModelPut();
    payload.Name = marker;
    payload.Phone = marker;
    payload.CityId = target.CityId;
    payload.Role = target.Role;

    // The URI names the target account while the token belongs to the caller.
    HttpPut<UserViewModelGet>($"api/user?email={target.Email}", payload, caller.AuthToken);
}
/// <summary>
/// Self-edit happy path: the first user in the context updates their own Name and Phone with
/// their own token, and the response must echo the new values.
/// </summary>
public void HTTP_Put_Ok_Test()
{
    var self = _context.Users.First();
    var marker = Guid.NewGuid().ToString();

    // Role, CityId and Email are sent back unchanged; only Name and Phone receive new values.
    var payload = new UserViewModelPut();
    payload.Name = marker;
    payload.Phone = marker;
    payload.CityId = self.CityId;
    payload.Role = self.Role;
    payload.Email = self.Email;

    // URI email and token belong to the same account, so the ownership check should pass.
    var updated = HttpPut<UserViewModelGet>($"api/user?email={self.Email}", payload, self.AuthToken);

    Assert.AreEqual(marker, updated.Name);
    Assert.AreEqual(marker, updated.Phone);
}