Esempio n. 1
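        /// <summary>
        /// Creates a fridge item owned by the calling user and answers with "201 Created".
        /// </summary>
        /// <param name="model">Item sent in the request body; only Name and Expiration are read from it.</param>
        /// <param name="authInfo">Service used to resolve the caller's e-mail address from the current request.</param>
        /// <returns>
        /// 201 with a Location header and the stored item; 400 when no body could be bound;
        /// 403 when the caller cannot be mapped to a user record.
        /// </returns>
        public async Task<ActionResult> PostAsync(
            [FromBody, Bind("Name,Expiration")] ApiFridgeItem model,
            [FromServices] AuthInfoService authInfo)
        {
            // A missing or unparsable body may leave the bound model null; reject it here
            // instead of failing with a NullReferenceException (HTTP 500) further down.
            if (model is null)
            {
                return BadRequest();
            }

            var email = await authInfo.GetUserEmailAsync(Request);
            var user = await _userRepo.GetUserByEmailAsync(email);

            // Deny by default when the authenticated identity has no user record; otherwise
            // the item would be stored without an owner.
            // NOTE(review): presumably GetUserByEmailAsync returns null for an unknown e-mail; confirm.
            if (user is null)
            {
                return Forbid();
            }

            // NOTE(review): [Bind] filters form/query model binding; it is not applied by the
            // input formatters that serve [FromBody]. Over-posting protection therefore comes
            // from this explicit field-by-field copy: Id and OwnerId sent by the client are
            // ignored because they are never read from the model. Keep the mapping explicit.
            var item = new FridgeItem
            {
                Name       = model.Name,
                // An omitted expiration arrives as default(DateTime); store it as "never expires".
                Expiration = model.Expiration == default ? DateTime.MaxValue : model.Expiration,
                Owner      = user
            };
            var newItem = await _kitchenRepo.CreateFridgeItemAsync(item);

            var newModel = new ApiFridgeItem
            {
                Id         = newItem.Id,
                Name       = newItem.Name,
                Expiration = newItem.Expiration,
                OwnerId    = newItem.OwnerId
            };

            // in a response to POST, you're supposed to
            // send "201 Created" status, with a Location header indicating
            // the URL of the newly created resource, and a representation of the
            // new resource in the body.
            return CreatedAtRoute("GetFridgeItem", new { newModel.Id }, newModel);
        }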
Esempio n. 2
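        /// <summary>
        /// Runs the fridge clean-up (<c>_fridge.CleanFridgeAsync</c>) on behalf of an administrator.
        /// </summary>
        /// <param name="authInfo">Service used to resolve the caller's e-mail address from the current request.</param>
        /// <returns>204 on success; 403 when the caller is not a known administrator.</returns>
        public async Task<IActionResult> DeleteExpiredAsync([FromServices] AuthInfoService authInfo)
        {
            var email = await authInfo.GetUserEmailAsync(Request);
            var user = await _userRepo.GetUserByEmailAsync(email);

            // Deny by default: an identity with no user record is treated like a non-admin
            // rather than dereferenced, which would surface as an unhandled exception (HTTP 500).
            // NOTE(review): presumably GetUserByEmailAsync returns null for an unknown e-mail; confirm.
            if (user is null || !user.Admin)
            {
                return Forbid();
            }

            // Bulk, destructive operation: reached only after the admin check above.
            await _fridge.CleanFridgeAsync();

            return NoContent();
        }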
Esempio n. 3
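        /// <summary>
        /// Deletes one fridge item; allowed for the item's owner and for administrators.
        /// </summary>
        /// <param name="id">Route value identifying the item to delete.</param>
        /// <param name="authInfo">Service used to resolve the caller's e-mail address from the current request.</param>
        /// <returns>
        /// 204 when the item was deleted; 404 when no such item exists; 403 when the caller is
        /// unknown or is neither the owner nor an administrator.
        /// </returns>
        public async Task<IActionResult> DeleteAsync(
            [FromRoute] int id,
            [FromServices] AuthInfoService authInfo)
        {
            // Resolve the caller before touching item data, and deny by default when the
            // identity has no user record instead of dereferencing null below.
            // NOTE(review): presumably GetUserByEmailAsync returns null for an unknown e-mail; confirm.
            var email = await authInfo.GetUserEmailAsync(Request);
            var user = await _userRepo.GetUserByEmailAsync(email);

            if (user is null)
            {
                return Forbid();
            }

            var item = await _kitchenRepo.GetFridgeItemAsync(id);

            if (item is null)
            {
                return NotFound();
            }

            // Object-level authorization: only the owner or an admin may delete this item.
            // NOTE(review): answering 403 here and 404 above lets any known user tell which
            // integer ids exist; return NotFound() for non-owners too if that matters.
            if (!user.Admin && user.Id != item.OwnerId)
            {
                return Forbid();
            }

            await _kitchenRepo.DeleteFridgeItemAsync(id);

            return NoContent();
        }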
Esempio n. 4
 /// <summary>
 /// Stores the collaborators handed to the controller for later use by its actions.
 /// </summary>
 /// <param name="dbContext">Database context kept in <c>_dbContext</c>.</param>
 /// <param name="authInfoService">Caller-identity service kept in <c>_authInfoService</c>.</param>
 public UserController(DefaultDbContext dbContext, AuthInfoService authInfoService)
 {
     // No validation is done here; both references are stored exactly as received.
     this._authInfoService = authInfoService;
     this._dbContext = dbContext;
 }