/// <summary>
/// DELETE: Removes the bill with the given id, provided it belongs to the calling user.
/// </summary>
/// <param name="id">The id of the bill to delete.</param>
/// <returns>
/// 200 OK with a <see cref="BillDto"/> built from the removed bill; 404 Not Found when no bill
/// has that id; 401 Unauthorized when the bill belongs to another user; 500 Internal Server
/// Error when saving raises a DbUpdateConcurrencyException.
/// </returns>
public HttpResponseMessage DeleteBill(int id)
{
    var stored = _db.Bills.Find(id);
    if (stored == null)
    {
        return Request.CreateResponse(HttpStatusCode.NotFound);
    }

    // Ownership is decided on the row loaded from the database, never on request data.
    // NOTE(review): answering 404 for unknown ids and 401 for foreign ones lets a caller tell
    // which ids exist; 401 also conventionally means "not authenticated". Returning 404 (or 403)
    // for both cases would close that gap. Confirm what clients expect before changing it.
    var ownerId = _db.Entry(stored).Entity.UserId;
    if (ownerId != this.UserId)
    {
        return Request.CreateResponse(HttpStatusCode.Unauthorized);
    }

    // Build the response DTO before the entity is marked for removal.
    var removedDto = new BillDto(stored);
    _db.Bills.Remove(stored);

    try
    {
        _db.SaveChanges();
    }
    catch (DbUpdateConcurrencyException)
    {
        return Request.CreateResponse(HttpStatusCode.InternalServerError);
    }

    return Request.CreateResponse(HttpStatusCode.OK, removedDto);
}
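/// <summary>
/// PUT: Updates an existing bill owned by the calling user.
/// </summary>
/// <param name="id">The id of the bill, taken from the route.</param>
/// <param name="billDto">The new values for the bill; its Id must equal <paramref name="id"/>.</param>
/// <returns>
/// 204 No Content on success; 400 Bad Request when the body is missing, the model state is
/// invalid or the two ids differ; 404 Not Found when no bill with that id is stored;
/// 401 Unauthorized when the stored bill belongs to another user; 500 Internal Server Error
/// when saving raises a DbUpdateConcurrencyException.
/// </returns>
public HttpResponseMessage PutBill(int id, BillDto billDto)
{
    // A missing request body binds to null and would otherwise fail on billDto.Id.
    if (billDto == null || !ModelState.IsValid || id != billDto.Id)
    {
        return Request.CreateResponse(HttpStatusCode.BadRequest);
    }

    // Authorization has to be decided on the stored row. Comparing the UserId carried in the
    // request body only proves what the caller typed: a caller could submit another user's
    // bill id together with their own UserId and overwrite (and take over) that bill.
    Bill existing = _db.Bills.Find(id);
    if (existing == null)
    {
        return Request.CreateResponse(HttpStatusCode.NotFound);
    }

    if (existing.UserId != this.UserId)
    {
        // Trying to modify a record that does not belong to the user
        return Request.CreateResponse(HttpStatusCode.Unauthorized);
    }

    // Pin the owner server-side so an update can never reassign the bill to someone else.
    billDto.UserId = this.UserId;
    Bill incoming = billDto.ToEntity();

    // Copy the submitted values onto the tracked entity. Attaching 'incoming' as Modified
    // would collide with 'existing', which the context already tracks under the same key.
    _db.Entry(existing).CurrentValues.SetValues(incoming);

    try
    {
        _db.SaveChanges();
    }
    catch (DbUpdateConcurrencyException)
    {
        return Request.CreateResponse(HttpStatusCode.InternalServerError);
    }

    return Request.CreateResponse(HttpStatusCode.NoContent);
}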
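/// <summary>
/// POST: Adds a new bill owned by the calling user.
/// </summary>
/// <param name="dto">The bill to create; any UserId it carries is overwritten with the caller's.</param>
/// <returns>
/// 201 Created with the stored bill (including its new id) and a Location header pointing at
/// it; 400 Bad Request when the body is missing or the model state is invalid.
/// </returns>
public HttpResponseMessage PostBill(BillDto dto)
{
    // A missing request body binds to null and would otherwise fail on dto.UserId.
    if (dto == null || !ModelState.IsValid)
    {
        return Request.CreateResponse(HttpStatusCode.BadRequest);
    }

    // The owner always comes from the authenticated context, never from the request body.
    dto.UserId = this.UserId;

    // NOTE(review): dto.Id is still caller-supplied when ToEntity() runs; presumably the key is
    // generated by the database and the submitted value is ignored. Confirm against the model.
    var bill = dto.ToEntity();
    bill.LastPayment = DateTime.Today;

    _db.Bills.Add(bill);
    _db.SaveChanges();

    // Report the id assigned on save back to the caller.
    dto.Id = bill.Id;

    HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.Created, dto);
    response.Headers.Location = new Uri(Url.Link("DefaultApi", new { id = bill.Id }));
    return response;
}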