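/// <summary>
/// Applies the changes in <paramref name="courseDTO"/> to an existing course.
/// The caller must be resolvable from the "user" cookie and must hold the
/// "Teacher" access role for that specific course.
/// </summary>
/// <param name="id">Primary key of the course to update.</param>
/// <param name="courseDTO">Incoming changes; null when the request carried no usable body.</param>
/// <returns>
/// 401 when the cookie does not resolve to a user, or the user is not the course's teacher;
/// 400 when the body is missing, the course does not exist, model binding or DTO validation
/// fails, a named grading scheme does not exist, or the persistence layer reports an error;
/// otherwise a redirect to the course page.
/// </returns>
public IHttpActionResult PutCourse(int id, CourseDetailDTO courseDTO)
{
    Authorize auth = new Authorize();
    User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault());
    if (authorizedUser == null)
    {
        return Unauthorized();
    }

    Course course = db.Courses.Find(id);
    if (courseDTO == null || course == null || !ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // Authorization is per course: the user must be the teacher of *this* course,
    // not merely a teacher somewhere. Checked after the lookup so a missing course
    // is reported as 400 rather than leaking through the role check.
    // NOTE(review): an authenticated user without the role would conventionally get
    // 403 rather than 401; kept as 401 so existing clients are unaffected.
    if (!"Teacher".Equals(auth.GetAccessRole(authorizedUser, course)))
    {
        return Unauthorized();
    }

    // Optional grading-scheme change. A null or empty name means "leave as is".
    // Previously a name that matched no scheme was silently dropped and the request
    // still succeeded; it is now rejected so the client learns the scheme was not applied.
    string schemeName = courseDTO.NewGradingSchemeName;
    if (!string.IsNullOrEmpty(schemeName))
    {
        // AsEnumerable keeps the comparison client-side and ordinal, exactly as the
        // former foreach loop did, instead of delegating it to the database collation
        // (which may be case-insensitive and would change which scheme matches).
        GradingScheme scheme = db.GradingSchemes
            .AsEnumerable()
            .FirstOrDefault(s => schemeName.Equals(s.Name));
        if (scheme == null)
        {
            return BadRequest("NewGradingSchemeName does not match an existing grading scheme.");
        }
        course.GradingSchemeId = scheme.Id;
    }

    if (!courseDTO.Validate(course))
    {
        return BadRequest();
    }

    courseDTO.Update(course);
    string error = db.Update(course, Modified);
    if (error != null)
    {
        return BadRequest(error);
    }

    // NOTE(review): the redirect target is assembled from Request.RequestUri, which is
    // derived from the client-supplied Host header. Unless the host is validated upstream
    // (IIS bindings / host filtering), a spoofed Host could steer this redirect to an
    // attacker-chosen origin — confirm before relying on it.
    return Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Courses/" + course.Id);
}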
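/// <summary>
/// Creates a new course owned by the calling teacher.
/// </summary>
/// <param name="courseDTO">Course details; null when the request carried no usable body.</param>
/// <returns>
/// 401 when the "user" cookie does not resolve to a user, or that user has no teacher record;
/// 400 when the body is missing, model binding or DTO validation fails, or the persistence
/// layer reports an error; otherwise a redirect to the new course page.
/// </returns>
public IHttpActionResult PostCourse(CourseDetailDTO courseDTO)
{
    Authorize auth = new Authorize();
    User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault());
    if (authorizedUser == null)
    {
        return Unauthorized();
    }

    // Resolve the teacher once; only users with a teacher record may create courses.
    var teacher = authorizedUser.GetTeacher();
    if (teacher == null)
    {
        return Unauthorized();
    }

    // A missing body leaves courseDTO null (ModelState can still be valid in that case);
    // reject it explicitly instead of dereferencing null in Validate, which surfaced as a 500.
    if (courseDTO == null || !ModelState.IsValid || !courseDTO.Validate(null))
    {
        return BadRequest();
    }

    Course course = courseDTO.Create(teacher.Id);
    string error = db.Update(course, Added);
    if (error != null)
    {
        return BadRequest(error);
    }

    // NOTE(review): the redirect target is assembled from Request.RequestUri, which is
    // derived from the client-supplied Host header. Unless the host is validated upstream
    // (IIS bindings / host filtering), a spoofed Host could steer this redirect to an
    // attacker-chosen origin — confirm before relying on it.
    return Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Courses/" + course.Id);
}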