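/// <summary>
/// Creates a meal in the restaurant named by <c>meal.RestaurantId</c>, but only when the
/// authenticated caller is the owner of that restaurant.
/// </summary>
/// <param name="meal">Meal data bound from the request; may be null when the body is missing.</param>
/// <returns>
/// 400 when the model is invalid or missing; 401 when the caller is not authenticated, has no
/// user record, or does not own the restaurant; 404 when the meal type does not exist;
/// otherwise a Created response carrying the new meal's id, name, price and type name.
/// </returns>
public IHttpActionResult createMeal(MealInputModel meal)
{
    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    if (meal == null)
    {
        return BadRequest("Missing meal data.");
    }

    if (!User.Identity.IsAuthenticated)
    {
        return this.Unauthorized();
    }

    var userName = User.Identity.Name;

    // Fail closed when the authenticated name has no user row. Comparing two
    // FirstOrDefault() results lets "no user" and "no owned restaurant" both come back
    // as the default value and compare equal, which would pass the ownership check.
    var userIds = db.Users
        .Where(u => u.UserName == userName)
        .Select(u => u.Id)
        .Take(1)
        .ToList();
    if (userIds.Count == 0)
    {
        return this.Unauthorized();
    }

    var userId = userIds[0];

    // Object-level authorization: the target restaurant must exist and belong to the caller.
    // A restaurant that does not exist is reported as 401 as well, so the response does not
    // reveal which restaurant ids are in use.
    var ownsRestaurant = db.Restaurants
        .Any(r => r.OwnerId == userId && r.Id == meal.RestaurantId);
    if (!ownsRestaurant)
    {
        return this.Unauthorized();
    }

    var mealType = db.MealTypes.Find(meal.TypeId);
    if (mealType == null)
    {
        return this.NotFound();
    }

    // Copy only the expected fields from the input model (no mass assignment of the entity).
    var mealAdd = new Meal()
    {
        Name = meal.Name,
        Price = meal.Price,
        TypeId = meal.TypeId,
        RestaurantId = meal.RestaurantId
    };

    db.Meals.Add(mealAdd);
    db.SaveChanges();

    // The type name comes from the entity loaded above, so the response does not depend on
    // the navigation property of the new meal having been populated.
    return this.CreatedAtRoute(
        "DefaultApi",
        new { id = mealAdd.Id },
        new { id = mealAdd.Id, name = mealAdd.Name, price = mealAdd.Price, type = mealType.Name });
}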
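/// <summary>
/// Creates a meal from the posted data for an authenticated caller.
/// </summary>
/// <param name="mealData">Meal data bound from the request; may be null when the body is missing.</param>
/// <returns>
/// 401 when no user id is available for the caller; 400 when the body is missing or the model
/// is invalid; otherwise a Created response describing the new meal.
/// </returns>
public IHttpActionResult PostMeal(MealInputModel mealData)
{
    var currentUserId = User.Identity.GetUserId();
    if (currentUserId == null)
    {
        return this.Unauthorized();
    }

    // A missing or unparsable body binds to null and would otherwise fail with a
    // NullReferenceException (HTTP 500) when the fields are read below.
    if (mealData == null)
    {
        return this.BadRequest();
    }

    if (!ModelState.IsValid)
    {
        return this.BadRequest();
    }

    // NOTE(review): there is no object-level authorization here. currentUserId is only used
    // to confirm the caller is signed in, so any authenticated caller can attach a meal to
    // any RestaurantId. The owner of the target restaurant should be compared with
    // currentUserId before the insert; the restaurant set on this.Data is not visible in
    // this block, so the check is flagged rather than written.
    // NOTE(review): TypeId and RestaurantId are not checked for existence either; an unknown
    // id presumably surfaces as a database error from SaveChanges() - confirm.
    var newMeal = new Meal()
    {
        Name = mealData.Name,
        Price = mealData.Price,
        RestaurantId = mealData.RestaurantId,
        TypeId = mealData.TypeId
    };

    this.Data.Meals.Add(newMeal);
    this.Data.SaveChanges();

    // NOTE(review): Type is the navigation property of a freshly added entity. It may be null
    // here, and when populated the whole entity is serialized - confirm whether only the
    // type's name was intended.
    return this.CreatedAtRoute(
        "DefaultApi",
        new { controller = "meals", id = newMeal.Id },
        new { Id = newMeal.Id, Name = newMeal.Name, Price = newMeal.Price, Type = newMeal.Type });
}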
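/// <summary>
/// Updates the name, type and price of an existing meal, but only when the authenticated
/// caller owns the restaurant the meal belongs to.
/// </summary>
/// <param name="id">Id of the meal to edit.</param>
/// <param name="mealInput">New meal data bound from the request; may be null when the body is missing.</param>
/// <returns>
/// 401 when the caller is not authenticated, has no user record, or does not own the meal's
/// restaurant; 400 when the model is invalid or missing; 404 when the meal or the requested
/// meal type does not exist; otherwise 200 with the meal's id, name, price and type name.
/// </returns>
public IHttpActionResult EditMeal(int id, MealInputModel mealInput)
{
    // Authenticate before touching the database, so an anonymous caller cannot use the
    // 404-versus-401 difference to learn which meal ids exist.
    if (!User.Identity.IsAuthenticated)
    {
        return this.Unauthorized();
    }

    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // A missing body binds to null and would otherwise throw when its fields are read.
    if (mealInput == null)
    {
        return BadRequest("Missing meal data.");
    }

    Meal meal = db.Meals.Find(id);
    if (meal == null)
    {
        return NotFound();
    }

    var userName = User.Identity.Name;

    // Fail closed when the authenticated name has no user row. Comparing two
    // FirstOrDefault() results lets "no user" and "no owned restaurant" both come back
    // as the default value and compare equal, which would pass the ownership check.
    var userIds = db.Users
        .Where(u => u.UserName == userName)
        .Select(u => u.Id)
        .Take(1)
        .ToList();
    if (userIds.Count == 0)
    {
        return this.Unauthorized();
    }

    var userId = userIds[0];

    // Object-level authorization against the restaurant the stored meal belongs to,
    // never against a restaurant id supplied in the request.
    var ownsRestaurant = db.Restaurants
        .Any(r => r.OwnerId == userId && r.Id == meal.RestaurantId);
    if (!ownsRestaurant)
    {
        return this.Unauthorized();
    }

    // Validate the type being assigned. Looking up the meal's current TypeId would let an
    // unknown id from the request through to SaveChanges().
    var mealType = db.MealTypes.Find(mealInput.TypeId);
    if (mealType == null)
    {
        return this.NotFound();
    }

    // RestaurantId is deliberately not copied: an edit cannot move a meal to another restaurant.
    meal.Name = mealInput.Name;
    meal.TypeId = mealInput.TypeId;
    meal.Price = mealInput.Price;

    // The meal was loaded through Find(), so the context already tracks these changes.
    db.SaveChanges();

    // The type name comes from the entity loaded above, not from a navigation property that
    // may still point at the previous type or be unloaded.
    return this.Ok(new { id = meal.Id, name = meal.Name, price = meal.Price, type = mealType.Name });
}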