public Review UpdateReview(int reviewId, int companyId, int userId, int stars, string writtenReview, int anonymous, DateTime creationDate, int verifiedReview, int verifiedBy, bool fromElbho)
{
Dictionary <string, object> parameters = new Dictionary <string, object>();
parameters.Add("@id", reviewId);
parameters.Add("@companyId", companyId);
parameters.Add("@userId", userId);
parameters.Add("@stars", stars);
parameters.Add("@writtenReview", writtenReview);
parameters.Add("@anonymous", anonymous);
parameters.Add("@creationDate", creationDate);
parameters.Add("@verifiedReview", verifiedReview);
parameters.Add("@verifiedBy", verifiedBy);
parameters.Add("@fromElbho", fromElbho);
string query = "UPDATE reg_reviews SET review_id = @id" +
", review_bedrijf_id = @companyId, review_student_id = @userId" +
", review_sterren = @stars, review_geschreven = @writtenReview" +
", review_anoniem = @anonymous, review_datum = @creationDate" +
", review_status = @verifiedReview, review_status_bevestigd_door = @verifiedBy" +
", review_from_elbho = @fromElbho" +
" WHERE review_id = @id;";
_reviewRepository.UpdateReview(query, parameters);
return(_reviewReadService.GetReviewById(reviewId));
}
public IActionResult GetReviewById(int id)
{
Review review = _reviewReadService.GetReviewById(id);
var userId = CustomAuthorizationHelper.GetCurrentUserId(User);
if (review == null)
{
return(NotFound("Review not found."));
}
else if (review.UserId == userId)
{
return(Ok(_reviewReadService.GetReviewById(id)));
}
else
{
return(StatusCode((int)HttpStatusCode.Unauthorized, "User id does not match"));
}
}