public async Task<ApiMessage> Post(Guid id, ItemListCreateModel model)
{
ItemList item = new ItemList(model);
ApiMessage msg = new ApiMessage() { success = false };
IEnumerable<string> xAccessKey;
bool hasKey = Request.Headers.TryGetValues("X-Access-Key", out xAccessKey);
bool authorized = false;
if (hasKey)
{
Device device = new Device() { access_key = xAccessKey.First() };
authorized = await device.FindByAccessKey(device.access_key, true);
DeviceOwner downer = new DeviceOwner() { device = new Device() { id = device.id } };
authorized = await downer.FindByDeviceId();
GroupList group = new GroupList() { id = id };
bool hasauthorized = await group.FindById();
Membership member = new Membership() { user_id = downer.user.id, group_id = id };
if (hasauthorized)
{
authorized = await member.FindByDeviceIdAndGroupId();
authorized = member.status == MembershipStatus.Kicked ? false : true;
item.group_id = group.id;
item.created_by = downer.user.id;
item.creator = downer.user;
}
}
if (hasKey && authorized)
{
if (ModelState.IsValid)
{
bool success = await item.Create();
if (success)
{
msg.message = "Item is created successfully";
msg.success = true;
msg.data = item.Return;
}
else
{
msg.message = "Failed to add item";
}
}
else
{
msg.message = "Data is not completed";
}
}
else
{
msg.message = "Unauthorized";
}
return msg;
}
