/// POST api/Files
/// <summary>
/// CREATE's a new file for the org passed in
/// </summary>
public HttpResponseMessage PostFile(File file)
{
if (Auth.FB.IsOrgAdmin(file.orgsId))
{
if (ModelState.IsValid)
{
if (file.security != "public" && file.security != "private")
{
file.security = "public";
}
db.File.Add(file);
db.SaveChanges();
HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.Created, file);
response.Headers.Location = new Uri(Url.Link("DefaultApi", new { id = file.id }));
return response;
}
else
{
return Request.CreateResponse(HttpStatusCode.BadRequest);
}
}
else
{
throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.Unauthorized));
}
}
// PUT api/Files/{fileId}
/// <summary>
/// Update a file, for example update the published date by passing in the updated_at field, note this is not a patch and all valus must be passed in.
/// </summary>
public HttpResponseMessage PutFile(int id, File file)
{
if (Auth.FB.IsOrgAdmin(file.orgsId))
{
if (ModelState.IsValid && id == file.id)
{
if (file.security != "public" && file.security != "private")
{
file.security = "public";
}
db.Entry(file).State = EntityState.Modified;
try
{
db.SaveChanges();
}
catch (DbUpdateConcurrencyException)
{
return Request.CreateResponse(HttpStatusCode.NotFound);
}
return Request.CreateResponse(HttpStatusCode.OK);
}
else
{
return Request.CreateResponse(HttpStatusCode.BadRequest);
}
}
else
{
throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.Unauthorized));
}
}