public async Task <IActionResult> ChangeStatus(long id, [FromBody] OrderStatusForm model) { var order = _orderRepository.Query().FirstOrDefault(x => x.Id == id); if (order == null) { return(NotFound()); } var currentUser = await _workContext.GetCurrentUser(); if (!User.IsInRole("admin") && order.VendorId != currentUser.VendorId) { return(BadRequest(new { error = "You don't have permission to manage this order" })); } if (Enum.IsDefined(typeof(OrderStatus), model.StatusId)) { var oldStatus = order.OrderStatus; order.OrderStatus = (OrderStatus)model.StatusId; await _orderRepository.SaveChangesAsync(); var orderStatusChanged = new OrderChanged { OrderId = order.Id, OldStatus = oldStatus, NewStatus = order.OrderStatus, Order = order, UserId = currentUser.Id, Note = model.Note }; await _mediator.Publish(orderStatusChanged); return(Accepted()); } return(BadRequest(new { Error = "unsupported order status" })); }
private void DeleteOrders() { try { using (SQLiteConnection sqlcon = new SQLiteConnection(conn)) { sqlcon.Open(); string query = "DELETE FROM Orders WHERE OrderNo=@OrderNo"; using (SQLiteCommand sqlcmd = new SQLiteCommand(query, sqlcon)) { try { sqlcmd.Parameters.AddWithValue("@OrderNo", lblorderno.Text); sqlcmd.ExecuteNonQuery(); } finally { if (sqlcon.State == ConnectionState.Open) { sqlcon.Close(); if (Application.OpenForms["OrderStatusForm"] != null) { OrderStatusForm f2 = (OrderStatusForm)Application.OpenForms["OrderStatusForm"]; f2.OrderStatusForm_Load(f2, EventArgs.Empty); } } } } } } catch (Exception ex) { MessageBox.Show(ex.Message); } }