public async Task <IHttpActionResult> Put([FromUri] string email, [FromBody] UserViewModelPut putViewModel)
{
if ((!User.IsInRole("PortalAdmin")) && ((!User.IsInRole("PortalManager"))) &&
(User.Identity.Name != email))
{
return(new ResponseMessageResult(new HttpResponseMessage(HttpStatusCode.Unauthorized)
{
Content = new StringContent("You cannot edit another users")
}));
}
var userEntity = Mapper.Map <User>(putViewModel);
var userId = (await _userOperations.GetAsync(email))?.Id;
if (!userId.HasValue)
{
return(this.Result404("User is not found"));
}
userEntity.Id = userId.Value;
userEntity = await _userOperations.UpdateAsync(userEntity);
await _pictureOperations.SaveByFormIdAsync(putViewModel.FormId, userEntity.Id, LinkedObjectType.User);
return(await Get(userEntity.Email));
}
public void HTTP_Put_AnotherUser_Test()
{
var user = _context.Users.First();
var anotherUser = _context.Users.Where(u => u.Role == Role.RegisteredUser).Take(2).ToList().Last();
var rndString = Guid.NewGuid().ToString();
var viewModel = new UserViewModelPut
{
Name = rndString,
Phone = rndString,
CityId = user.CityId,
Role = user.Role,
};
HttpPut <UserViewModelGet>($"api/user?email={user.Email}", viewModel, anotherUser.AuthToken);
}
public void HTTP_Put_Ok_Test()
{
var user = _context.Users.First();
var rndString = Guid.NewGuid().ToString();
var viewModel = new UserViewModelPut
{
Name = rndString,
Phone = rndString,
CityId = user.CityId,
Role = user.Role,
Email = user.Email
};
var result = HttpPut <UserViewModelGet>($"api/user?email={user.Email}", viewModel, user.AuthToken);
Assert.AreEqual(rndString, result.Name);
Assert.AreEqual(rndString, result.Phone);
}
