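/// <summary>
/// Removes every product-team membership held by the user named in
/// <c>productTeamMemberDTO.UserID</c>. The removal only runs when <c>ProductID</c> is 0 and
/// <c>UserID</c> is positive; any other combination is a no-op that still returns 200 OK.
/// </summary>
/// <param name="productTeamMemberDTO">Request payload carrying the target user id and a zero product id.</param>
/// <returns>400 for a missing or invalid payload, otherwise 200 OK.</returns>
/// <exception cref="HttpResponseException">
/// 401 when the authenticated principal has no matching row in <c>db.Users</c>.
/// </exception>
public async Task<IHttpActionResult> RemoveProductTeamMemberMapping(ProductTeamMemberDTO productTeamMemberDTO)
{
    // Resolve the caller from the authenticated principal. This proves who is calling,
    // not what they are allowed to delete.
    string userName = User.Identity.Name;
    User authUser = await db.Users
        .Where(_user => _user.UserName == userName)
        .SingleOrDefaultAsync();
    if (authUser == null)
    {
        throw new HttpResponseException(HttpStatusCode.Unauthorized);
    }

    // A request without a body binds the parameter to null, and ModelState can still report
    // valid in that case; reject it here instead of failing with a NullReferenceException below.
    if (productTeamMemberDTO == null)
    {
        return BadRequest("Request body is required.");
    }

    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    if (productTeamMemberDTO.ProductID == 0 && productTeamMemberDTO.UserID > 0)
    {
        // NOTE(review): nothing in this method checks that authUser may manage the target
        // user's memberships. As written, any authenticated account can clear the team
        // memberships of an arbitrary UserID across every product (missing object-level
        // authorization). RemoveProductTeamMember gates on company ownership or
        // CanEditTheProduct; unless an attribute or filter outside this view already
        // restricts the route, scope the deletion the same way or make it administrator-only.
        var targetUserId = productTeamMemberDTO.UserID;

        // Only touch the mapping table when the target user actually exists.
        bool targetExists = await db.Users.AnyAsync(u => u.Id == targetUserId);
        if (targetExists)
        {
            db.ProductTeamMembers.RemoveRange(
                db.ProductTeamMembers.Where(member => member.UserID == targetUserId));
            await db.SaveChangesAsync();
        }
    }

    return Ok();
}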
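/// <summary>
/// Removes one user from a product's team. The caller must either belong to the company that
/// owns the product or be a member of the product's team with <c>CanEditTheProduct</c> set.
/// </summary>
/// <param name="productTeamMemberDTO">Request payload carrying the product id and the id of the member to remove.</param>
/// <returns>400 for a missing or invalid payload, otherwise 200 OK once the membership is deleted.</returns>
/// <exception cref="HttpResponseException">
/// 401 when the caller is unknown or fails the ownership/edit check; 404 when the product or
/// the membership does not exist.
/// </exception>
public async Task<IHttpActionResult> RemoveProductTeamMember(ProductTeamMemberDTO productTeamMemberDTO)
{
    // Resolve the caller from the authenticated principal.
    string userName = User.Identity.Name;
    User user = await db.Users
        .Where(_user => _user.UserName == userName)
        .SingleOrDefaultAsync();
    if (user == null)
    {
        throw new HttpResponseException(HttpStatusCode.Unauthorized);
    }

    // A request without a body binds the parameter to null, and ModelState can still report
    // valid in that case; reject it here instead of failing with a NullReferenceException below.
    if (productTeamMemberDTO == null)
    {
        return BadRequest("Request body is required.");
    }

    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // Load the product together with its team so both the permission check and the
    // membership lookup run against the same in-memory collection.
    Product product = await db.Products
        .Where(_product => _product.ID == productTeamMemberDTO.ProductID)
        .Include(_product => _product.TeamMembers.Select(teamMember => teamMember.User))
        .SingleOrDefaultAsync();
    if (product == null)
    {
        throw new HttpResponseException(HttpStatusCode.NotFound);
    }

    // user.Company is not eagerly loaded in this method (presumably lazy-loaded; confirm).
    // A caller without a company is treated as not owning the product, so the check fails
    // closed rather than throwing.
    bool callerOwnsProduct = user.Company != null && product.CompanyID == user.Company.ID;

    // Any() rather than SingleOrDefault(): a duplicated membership row must not turn the
    // permission check into an unhandled exception.
    bool callerCanEdit = product.TeamMembers.Any(
        teamMember => teamMember.UserID == user.Id && teamMember.CanEditTheProduct == true);

    if (!callerOwnsProduct && !callerCanEdit)
    {
        // 403 Forbidden would describe an authenticated-but-not-permitted caller more
        // precisely; 401 is kept because existing clients may depend on it.
        throw new HttpResponseException(HttpStatusCode.Unauthorized);
    }

    // The target is looked up inside the already-authorized product's team, so the request
    // cannot reach a membership that belongs to a different product.
    ProductTeamMember productTeamMember = product.TeamMembers
        .Where(_productTeamMember => _productTeamMember.UserID == productTeamMemberDTO.UserID)
        .SingleOrDefault();
    if (productTeamMember == null)
    {
        throw new HttpResponseException(HttpStatusCode.NotFound);
    }

    db.ProductTeamMembers.Remove(productTeamMember);
    await db.SaveChangesAsync();

    return Ok();
}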