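/// <summary>
/// Deletes the company follower group identified by <c>companyFollowerGroupDTO.ID</c>.
/// The caller must either own the company the stored group belongs to or be listed
/// among that company's members.
/// </summary>
/// <param name="companyFollowerGroupDTO">Request payload; only its <c>ID</c> is read here.</param>
/// <returns>
/// 200 OK once the deletion has been saved; 400 Bad Request when the payload is missing
/// or the model state is invalid.
/// </returns>
/// <exception cref="HttpResponseException">
/// 401 when no user record matches the authenticated name or the caller has no rights on
/// the group's company; 404 when no group with the given ID exists.
/// </exception>
public async Task<IHttpActionResult> DeleteCompanyFollowerGroup(CompanyFollowerGroupDTO companyFollowerGroupDTO)
{
    // Resolve the caller from the authenticated principal, never from the payload.
    string userName = User.Identity.Name;
    User user = db.Users.SingleOrDefault(candidate => candidate.UserName == userName);
    if (user == null)
    {
        throw new HttpResponseException(HttpStatusCode.Unauthorized);
    }

    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // The bound DTO can be null (e.g. an empty request body) without ModelState flagging it;
    // reject it explicitly instead of failing with a NullReferenceException below.
    if (companyFollowerGroupDTO == null)
    {
        return BadRequest();
    }

    CompanyFollowerGroup companyFollowerGroup = db.CompanyFollowerGroups.Find(companyFollowerGroupDTO.ID);
    if (companyFollowerGroup == null)
    {
        throw new HttpResponseException(HttpStatusCode.NotFound);
    }

    // Object-level authorization against the STORED group. A caller without a company of
    // their own, or a group without a loaded company/member list, is denied (fail closed)
    // rather than crashing on a null dereference.
    bool ownsCompany = user.Company != null
        && companyFollowerGroup.CompanyID == user.Company.ID;
    bool isCompanyMember = companyFollowerGroup.Company != null
        && companyFollowerGroup.Company.Members != null
        && companyFollowerGroup.Company.Members.Any(member => member.UserID == user.Id);

    if (!ownsCompany && !isCompanyMember)
    {
        // NOTE(review): 403 Forbidden is the conventional status for an authenticated caller
        // lacking rights; 401 is kept so the client-visible contract does not change.
        throw new HttpResponseException(HttpStatusCode.Unauthorized);
    }

    db.CompanyFollowerGroups.Remove(companyFollowerGroup);
    await db.SaveChangesAsync();

    return Ok();
}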
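/// <summary>
/// Updates the company follower group identified by <c>companyFollowerGroupDTO.ID</c> with
/// the values carried by the payload. Despite its name, this action operates on
/// <see cref="CompanyFollowerGroup"/> entities, not products.
/// The caller must either own the company the stored group belongs to or be listed
/// among that company's members.
/// </summary>
/// <param name="companyFollowerGroupDTO">Request payload mapped onto the stored group.</param>
/// <returns>
/// 200 OK with the updated group mapped back to a DTO; 400 Bad Request when the payload is
/// missing or the model state is invalid.
/// </returns>
/// <exception cref="HttpResponseException">
/// 401 when no user record matches the authenticated name or the caller has no rights on
/// the group's company; 404 when no group with the given ID exists.
/// </exception>
public async Task<IHttpActionResult> UpdateProduct(CompanyFollowerGroupDTO companyFollowerGroupDTO)
{
    // Resolve the caller from the authenticated principal, never from the payload.
    string userName = User.Identity.Name;
    User user = db.Users.SingleOrDefault(candidate => candidate.UserName == userName);
    if (user == null)
    {
        throw new HttpResponseException(HttpStatusCode.Unauthorized);
    }

    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // The bound DTO can be null (e.g. an empty request body) without ModelState flagging it;
    // reject it explicitly instead of failing with a NullReferenceException below.
    if (companyFollowerGroupDTO == null)
    {
        return BadRequest();
    }

    CompanyFollowerGroup companyFollowerGroup = db.CompanyFollowerGroups.Find(companyFollowerGroupDTO.ID);
    if (companyFollowerGroup == null)
    {
        throw new HttpResponseException(HttpStatusCode.NotFound);
    }

    // Object-level authorization against the STORED group. A caller without a company of
    // their own, or a group without a loaded company/member list, is denied (fail closed)
    // rather than crashing on a null dereference.
    bool ownsCompany = user.Company != null
        && companyFollowerGroup.CompanyID == user.Company.ID;
    bool isCompanyMember = companyFollowerGroup.Company != null
        && companyFollowerGroup.Company.Members != null
        && companyFollowerGroup.Company.Members.Any(member => member.UserID == user.Id);

    if (!ownsCompany && !isCompanyMember)
    {
        // NOTE(review): 403 Forbidden is the conventional status for an authenticated caller
        // lacking rights; 401 is kept so the client-visible contract does not change.
        throw new HttpResponseException(HttpStatusCode.Unauthorized);
    }

    // The authorization above was decided on this company; remember it so the client-supplied
    // payload cannot re-parent the group once mapped onto the entity.
    var authorizedCompanyId = companyFollowerGroup.CompanyID;

    Mapper.Map(companyFollowerGroupDTO, companyFollowerGroup);

    // NOTE(review): the DTO shape and mapping profile are not visible here. If the DTO exposes
    // CompanyID (or other ownership fields), the mapping would overwrite them with caller-chosen
    // values; pinning CompanyID keeps the group in the company that was authorized. Confirm the
    // profile also ignores any other field a member must not change.
    companyFollowerGroup.CompanyID = authorizedCompanyId;

    db.Entry(companyFollowerGroup).State = EntityState.Modified;
    await db.SaveChangesAsync();

    return Ok(Mapper.Map<CompanyFollowerGroup, CompanyFollowerGroupDTO>(companyFollowerGroup));
}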