/// <summary>
/// Links an existing user to an account by inserting a new <c>Accountuser</c> row.
/// </summary>
/// <param name="UserId">Id of the user to link. The user must belong to the account held in the session.</param>
/// <param name="AccountId">Id of the account to link the user to, bound from the query string.</param>
/// <returns>
/// 401 when the session carries no account id, 403 when the user does not exist or
/// belongs to a different account, otherwise the newly stored link.
/// </returns>
public async Task<ActionResult<Accountuser>> AddLink(int UserId, [FromQuery] int AccountId)
{
    // The caller is identified only by the account id kept in the server-side session.
    int? sessionAccountId = HttpContext.Session.GetInt32("AccountId");
    if (sessionAccountId == null)
    {
        return Unauthorized();
    }

    // A missing user and a user owned by another account both yield 403, so the
    // response does not reveal which user ids exist outside the caller's account.
    var target = await _context.User.FindAsync(UserId);
    if (target == null || target.AccountId != sessionAccountId)
    {
        return StatusCode(403);
    }

    // NOTE(review): only the user's ownership is checked above. The target AccountId
    // comes straight from the query string and is never compared with the session
    // account or with any list of accounts the caller may manage, so a caller can
    // attach one of their own users to an arbitrary account. Confirm the intended
    // authorization rule for the target account and enforce it before the insert.
    var link = new Accountuser
    {
        AccountId = AccountId,
        UserId = UserId
    };
    _context.Accountuser.Add(link);
    await _context.SaveChangesAsync();

    return link;
}
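/// <summary>
/// Creates a user (body <c>Id</c> is 0) or updates an existing one (non-zero <c>Id</c>)
/// from the JSON request body, scoped to the account held in the session.
/// </summary>
/// <returns>
/// 401 when the session carries no account id; 400 when the body is not a JSON object
/// that maps to <c>User</c>; 403 when the body names another account, or when the user
/// being updated does not exist or is stored under another account; otherwise the
/// <c>CreatedAtAction</c> result pointing at "GetUser".
/// </returns>
public async Task<ActionResult<User>> PostUser()
{
    var accountId = HttpContext.Session.GetInt32("AccountId");
    if (accountId == null)
    {
        return Unauthorized();
    }

    string body;
    using (var reader = new StreamReader(Request.Body))
    {
        body = await reader.ReadToEndAsync();
    }

    // NOTE(review): the whole User entity is bound from the request body, so every
    // mapped property is client-writable. A dedicated input model listing only the
    // editable fields would close that over-posting surface.
    User user;
    try
    {
        user = JObject.Parse(body).ToObject<User>();
    }
    catch (Newtonsoft.Json.JsonException)
    {
        // Empty, malformed or mistyped JSON is a client error, not a server fault.
        return BadRequest();
    }

    if (user == null)
    {
        return BadRequest();
    }

    if (user.AccountId != accountId)
    {
        return StatusCode(403);
    }

    if (0 == user.Id)
    {
        _context.User.Add(user);
        _context.Accountuser.Add(new Accountuser { AccountId = accountId.Value, User = user });
    }
    else
    {
        // The AccountId checked above is the value the client sent, not the value on
        // the stored row. Without this lookup a caller could name any existing user id,
        // put their own account id in the body, and overwrite (and re-home) a user that
        // belongs to another account. Authorize against the persisted record instead.
        var stored = await _context.User.FindAsync(user.Id);
        if (stored == null || stored.AccountId != accountId)
        {
            // Same status for "missing" and "foreign" so ids in other accounts are not disclosed.
            return StatusCode(403);
        }

        // Copy the posted values onto the tracked entity; attaching `user` itself would
        // clash with the instance FindAsync has just started tracking.
        _context.Entry(stored).CurrentValues.SetValues(user);
    }

    await _context.SaveChangesAsync();
    return CreatedAtAction("GetUser", new { id = user.Id }, user);
}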