public int Create(CompanyBlog newCb)
{
string sql = @"
INSERT INTO companyblogs
(companyId, blogId, creatorId)
VALUES
(@CompanyId, @BlogId, @CreatorId);
SELECT LAST_INSERT_ID();";
return(_db.ExecuteScalar <int>(sql, newCb));
}
public async Task <ActionResult <CompanyBlog> > Post([FromBody] CompanyBlog newCb)
{
try
{
Profile userInfo = await HttpContext.GetUserInfoAsync <Profile>();
newCb.CreatorId = userInfo.Id;
return(Ok(_cbs.Create(newCb)));
}
catch (System.Exception e)
{
return(BadRequest(e.Message));
}
}
internal string Delete(int id, string userId)
{
CompanyBlog original = _repo.Get(id);
if (original == null)
{
throw new Exception("Bad Id");
}
if (original.CreatorId != userId)
{
throw new Exception("Not the User : Access Denied");
}
if (_repo.Remove(id))
{
return("deleted succesfully");
}
return("did not remove succesfully");
}
public CompanyBlog Create(CompanyBlog newCb)
{
newCb.Id = _repo.Create(newCb);
return(newCb);
}
