public static ActionResult <OrderModel> Execute(Guid webSessionId, PostUpdateOrderType data, string connectionString) { try { using (var connection = new SqlConnection(connectionString)) { // create command object var command = new SqlCommand(); command.Connection = connection; command.Connection.Open(); // authenticate web session if (!WebSessionCheck.Check(webSessionId, connection, command)) { return(new UnauthorizedResult()); } // update order with completion time command.CommandText = @$ " UPDATE orders SET orders.completed = GETDATE() , orders.completed_notes = {(data.completedNotes != null ? " '" + data.completedNotes + "' " : " null ")} OUTPUT inserted.* WHERE orders.id = '{data.id}' "; var reader = command.ExecuteReader(); // if no rows affected, given order was not found if (!reader.HasRows) { reader.Close(); return(new BadRequestResult()); } // read returned row to get updated order reader.Read(); var order = new OrderModel(reader); reader.Close(); return(new OkObjectResult(order)); }
public ActionResult <OrderModel> PostUpdateOrder([FromHeader(Name = "X-websession")] Guid webSessionId, [FromBody] PostUpdateOrderType data) { var actionResult = postUpdateOrder.Execute(webSessionId, data, _configuration["ConnectionStrings:DefaultConnection"]); // send update to user client _hub.Clients .Group(((OrderModel)((OkObjectResult)actionResult.Result).Value).userId.ToString()) .ReceiveOrderCompletionUpdate((OrderModel)((OkObjectResult)actionResult.Result).Value); return(actionResult); }