public async Task <IActionResult> PutItem(Guid id, V1DTO.Item item)
{
if (id != item.Id)
{
return(BadRequest(new V1DTO.MessageDTO("Id and Item.Id do not match")));
}
if (!(await _bll.RestaurantUsers.GetAllAsync()).Any(ru => ru.AppUserId.Equals(User.UserGuidId()) && ru.RestaurantId.Equals(item.RestaurantId)))
{
return(Unauthorized(new V1DTO.MessageDTO("User not authorized for this restaurant")));
}
await _bll.Items.UpdateAsync(_mapper.Map(item));
await _bll.SaveChangesAsync();
return(NoContent());
}
public async Task <ActionResult <V1DTO.Item> > PostItem(V1DTO.Item item)
{
if (!(await _bll.RestaurantUsers.GetAllAsync()).Any(ru => ru.AppUserId.Equals(User.UserGuidId()) && ru.RestaurantId.Equals(item.RestaurantId)))
{
return(Unauthorized(new V1DTO.MessageDTO("User not authorized for this restaurant")));
}
var bllEntity = _mapper.Map(item);
_bll.Items.Add(bllEntity);
await _bll.SaveChangesAsync();
item.Id = bllEntity.Id;
return(CreatedAtAction(nameof(GetItem),
new { id = item.Id, version = HttpContext.GetRequestedApiVersion()?.ToString() ?? "0" },
item));
}
