public async Task <IHttpActionResult> PostAsync(int projectId, int?parentId, [FromBody] ActionItemDto model, CancellationToken cancellationToken) { if (model == null || !ModelState.IsValid) { return(BadRequest()); } var project = await _projectManager.FindByIdAsync(projectId, cancellationToken); await ApiSecurity.AuthorizeAsync(project, AccessPermission.CanEdit, cancellationToken); var parentAction = default(ActionItem); if (parentId != null) { parentAction = await _projectManager.GetActionByIdAsync((int)parentId, cancellationToken); if (parentAction == null || parentAction.Project.Id != project.Id) { return(BadRequest()); } } var action = new ActionItem { Type = model.Type, Enabled = model.Enabled, Name = model.Name, Options = model.Options }; var validationResult = await _projectManager.AddActionAsync(project, parentAction, action, cancellationToken); if (!validationResult.Succeeded) { return(this.ValidationContent(validationResult)); } var actionResult = await _projectManager.GetActionByIdAsync(action.Id, cancellationToken); return(new ActionContentResult(HttpStatusCode.Created, _actionLinkService, actionResult, this)); }