public async Task <IActionResult> SetAvatar(Guid id, IFormFile postedImage)
{
var project = await Database.Projects.FindAsync(id);
if (await _permission.AllowWrite(await CurrentUser, project))
{
return(await _avatar.SetAvatarResult(project, postedImage));
}
return(Forbid());
}
// PUT /api/[controller]/{id}
public virtual async Task <ActionResult <TViewModel> > Put(TKey parentId, TKey id, [FromBody] TCreateModel create)
{
var set = Database.Set <TData>();
var entity = await set.FindAsync(id);
if (entity == null)
{
return(NotFound());
}
if (!await Permissions.AllowWrite(await CurrentUser, entity) || entity.Deleted)
{
return(Forbid());
}
await UpdateDataModelAsync(entity, create);
await Database.SaveChangesAsync();
return(await CreateViewModelAsync(entity));
}
public async Task <IActionResult> ScanQrCode(Guid pledgeId)
{
var pledge = await Database.Pledges.FindAsync(pledgeId);
if (pledge == null)
{
return(NotFound());
}
if (!await _projectPermissionProvider.AllowWrite(await CurrentUser, pledge.Project))
{
return(Forbid());
}
pledge.Status = PledgeStatus.Finished;
await Database.SaveChangesAsync();
return(Ok());
}
