public IHttpActionResult PostUserMenu(UserMenuViewModel userMenu) { if (!ModelState.IsValid) { return BadRequest(ModelState); } var user = db.Users.Find(userMenu.UserName); if (user == null) throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.NotFound, "不存在的使用者!")); var menus = db.Menus.Where(item => item.Id == userMenu.MenuId || item.ParentId == userMenu.MenuId); foreach (var item in menus) { user.Menus.Add(item); } try { db.SaveChanges(); //寫入AccessLog MPAccessLog.WriteEntry(User.Identity.Name, AccessAction.Create, "UserMenu", JsonConvert.SerializeObject(new { user.UserName, Menus = menus.Select(m => m.Id + m.Text).ToArray() })); } catch (Exception ex) { throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.BadRequest, ex.Message)); } return Ok(); }
public IHttpActionResult DeleteUserMenu(UserMenuViewModel userMenu) { var user = db.Users.Find(userMenu.UserName); if (user == null) throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.NotFound, "不存在的使用者!")); var menus = db.Menus.Where(item => item.Id == userMenu.MenuId || item.ParentId == userMenu.MenuId); foreach (var item in menus) { user.Menus.Remove(item); } db.SaveChanges(); //寫入AccessLog MPAccessLog.WriteEntry(User.Identity.Name, AccessAction.Delete, "UserMenu", JsonConvert.SerializeObject(new { user.UserName, Menus = menus.Select(m => m.Id + m.Text).ToArray() })); return Ok(); }