/// <summary>
/// Replaces an existing item with the values from the request body, provided the
/// caller is listed as a user of the restaurant named in that body.
/// </summary>
/// <param name="id">Item id addressed by the request; must equal <c>item.Id</c>.</param>
/// <param name="item">Item payload to map and hand to the BLL for update.</param>
/// <returns>
/// <c>BadRequest</c> when the two ids differ, <c>Unauthorized</c> when no matching
/// restaurant-user row is found for the caller, otherwise <c>NoContent</c>.
/// </returns>
public async Task<IActionResult> PutItem(Guid id, V1DTO.Item item)
{
    // The id addressed by the request and the id inside the payload have to agree.
    if (id != item.Id)
    {
        return BadRequest(new V1DTO.MessageDTO("Id and Item.Id do not match"));
    }

    // NOTE(review): membership is evaluated against item.RestaurantId, a value taken
    // from the request body. Nothing in this method compares it with the restaurant
    // of the item already stored under this id, so unless UpdateAsync enforces
    // ownership, a member of one restaurant may be able to overwrite or re-home an
    // item that belongs to another. Confirm, and authorize against the stored
    // item's restaurant as well.
    // NOTE(review): GetAllAsync appears to fetch every restaurant-user row for an
    // in-memory check; a query filtered by user and restaurant would be cheaper.
    var restaurantUsers = await _bll.RestaurantUsers.GetAllAsync();
    var callerIsMember = restaurantUsers.Any(ru =>
        ru.AppUserId.Equals(User.UserGuidId()) && ru.RestaurantId.Equals(item.RestaurantId));

    if (!callerIsMember)
    {
        // NOTE(review): Unauthorized() is a 401; if the caller is already
        // authenticated at this point, 403 describes the situation more accurately.
        return Unauthorized(new V1DTO.MessageDTO("User not authorized for this restaurant"));
    }

    var bllItem = _mapper.Map(item);
    await _bll.Items.UpdateAsync(bllItem);
    await _bll.SaveChangesAsync();

    return NoContent();
}
/// <summary>
/// Creates a new item for the restaurant named in the request body, provided the
/// caller is listed as a user of that restaurant.
/// </summary>
/// <param name="item">Item payload to map and add through the BLL.</param>
/// <returns>
/// <c>Unauthorized</c> when no matching restaurant-user row is found for the caller,
/// otherwise <c>CreatedAtAction</c> pointing at <c>GetItem</c> with the stored id
/// written back into the returned payload.
/// </returns>
public async Task<ActionResult<V1DTO.Item>> PostItem(V1DTO.Item item)
{
    // NOTE(review): GetAllAsync appears to fetch every restaurant-user row for an
    // in-memory check; a query filtered by user and restaurant would be cheaper.
    var restaurantUsers = await _bll.RestaurantUsers.GetAllAsync();
    var callerIsMember = restaurantUsers.Any(ru =>
        ru.AppUserId.Equals(User.UserGuidId()) && ru.RestaurantId.Equals(item.RestaurantId));

    if (!callerIsMember)
    {
        // NOTE(review): Unauthorized() is a 401; if the caller is already
        // authenticated at this point, 403 describes the situation more accurately.
        return Unauthorized(new V1DTO.MessageDTO("User not authorized for this restaurant"));
    }

    // NOTE(review): the whole DTO, including any client-supplied Id, is mapped and
    // added as-is. Whether a caller-chosen Id is honored depends on the mapper and
    // the repository; confirm the id is generated server-side.
    var bllEntity = _mapper.Map(item);
    _bll.Items.Add(bllEntity);
    await _bll.SaveChangesAsync();

    // Report the id of the added entity back to the client in the response body.
    item.Id = bllEntity.Id;

    var routeValues = new
    {
        id = item.Id,
        version = HttpContext.GetRequestedApiVersion()?.ToString() ?? "0"
    };

    return CreatedAtAction(nameof(GetItem), routeValues, item);
}