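/// <summary>
/// Links an existing pin to an existing board on behalf of the current user.
/// Only the user recorded as the board's creator may add pins to it.
/// </summary>
/// <param name="model">Carries the ids of the pin and the board to link.</param>
/// <returns>The target board converted with <c>ToBoardReturnDto(true)</c>.</returns>
/// <exception cref="ArgumentNullException"><paramref name="model"/> is null.</exception>
/// <exception cref="UnauthorizedAccessException">
/// The request carries no usable NameIdentifier claim, or the caller did not create the board.
/// </exception>
/// <exception cref="ObjectNotFoundException">The pin or the board does not exist.</exception>
public async Task<BoardReturnDto> AddPinToBoardAsync(AddPinToBoardDto model)
{
    if (model == null)
    {
        throw new ArgumentNullException(nameof(model));
    }

    // Resolve the caller first. A missing HttpContext, principal or claim, or a
    // non-numeric claim value, used to surface as NullReferenceException /
    // FormatException; treat all of them as "caller not identified" instead so
    // the failure is reported as an authorization problem.
    var idClaim = _httpContextAccessor.HttpContext?.User?.FindFirst(ClaimTypes.NameIdentifier);
    long userId;
    if (idClaim == null || !long.TryParse(idClaim.Value, out userId))
    {
        throw new UnauthorizedAccessException("Current user could not be identified.");
    }

    // NOTE(review): the pin is looked up before the ownership check, so callers
    // who do not own the board can still tell existing pin ids from missing ones.
    // Nothing in this method restricts which pins may be attached; confirm that
    // is intended or enforced inside _pinService.
    var pinInDb = await _pinService.GetByIdAsync(model.PinId);
    if (pinInDb == null)
    {
        throw new ObjectNotFoundException("Pin not found.");
    }

    var boardInDb = await _boardService.GetByIdAsync(model.BoardId);
    if (boardInDb == null)
    {
        throw new ObjectNotFoundException("Board not found.");
    }

    // Object-level authorization: the board must belong to the caller.
    if (boardInDb.CreatedBy != userId)
    {
        throw new UnauthorizedAccessException("You have no permissions to edit this board.");
    }

    var relation = new BoardPin
    {
        CreatedBy = userId,
        Pin = pinInDb,
        Board = boardInDb
    };
    await _boardPinService.InsertAsync(relation);

    return boardInDb.ToBoardReturnDto(true);
}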
/// <summary>
/// Endpoint wrapper around <c>_boardPinService.AddPinToBoardAsync</c>.
/// </summary>
/// <param name="model">Request payload forwarded unchanged to the service.</param>
/// <returns>
/// <c>Ok(...)</c> with the service result on success; <c>Unauthorized()</c> when the
/// service throws <see cref="UnauthorizedAccessException"/>; <c>BadRequest(...)</c>
/// carrying the exception message for any other exception.
/// </returns>
public async Task<IActionResult> AddPinToBoard(AddPinToBoardDto model)
{
    try
    {
        return Ok(await _boardPinService.AddPinToBoardAsync(model));
    }
    catch (UnauthorizedAccessException)
    {
        // NOTE(review): this also covers an identified caller who is not allowed
        // to edit the board; a "forbidden" result may describe that case better.
        // Confirm what clients expect.
        return Unauthorized();
    }
    catch (Exception error)
    {
        // NOTE(review): every other exception's Message is returned to the client,
        // not only the "not found" ones. Unexpected failures could expose internal
        // details this way; consider returning the message only for known exception
        // types and logging the rest server-side behind a generic error.
        return BadRequest(new { error.Message });
    }
}