public IHttpActionResult CreateNewMeal(CreateMealBindingModel model) { if (!this.ModelState.IsValid) { return(this.BadRequest(this.ModelState)); } if (model == null) { return(this.BadRequest("Model cannot be null.")); } var dbRestaurant = this.Data.Restaurants.All() .Where(r => r.Id == model.RestaurantId) .Select(r => new { Id = r.Id, OwnerId = r.OwnerId }) .FirstOrDefault(); if (dbRestaurant == null) { return(this.BadRequest($"Restaurant with Id: {dbRestaurant.Id} doesn't exist.")); } var loggedUserId = this.User.Identity.GetUserId(); if (dbRestaurant.OwnerId != loggedUserId) { return(this.BadRequest("You are not the owner of the restaurant.")); } var dbType = this.Data.MealTypes.All().FirstOrDefault(mt => mt.Id == model.TypeId); if (dbType == null) { return(this.BadRequest($"Meal Type with Id: {dbType.Id} doesn't exist.")); } var meal = new Meal { Name = model.Name, Price = model.Price, TypeId = model.TypeId, RestaurantId = model.RestaurantId }; this.Data.Meals.Add(meal); this.Data.SaveChanges(); var dbMeal = this.Data.Meals.All() .Where(m => m.Id == meal.Id) .Select(MealViewModel.Create) .FirstOrDefault(); return(this.Created($"api/Meals/{meal.Id}", dbMeal)); }
public IHttpActionResult CreateNewMeal(CreateMealBindingModel model) { if (!this.ModelState.IsValid) { return this.BadRequest(this.ModelState); } if (model == null) { return this.BadRequest("Model cannot be null."); } var dbRestaurant = this.Data.Restaurants.All() .Where(r => r.Id == model.RestaurantId) .Select(r => new { Id = r.Id, OwnerId = r.OwnerId }) .FirstOrDefault(); if (dbRestaurant == null) { return this.BadRequest($"Restaurant with Id: {dbRestaurant.Id} doesn't exist."); } var loggedUserId = this.User.Identity.GetUserId(); if (dbRestaurant.OwnerId != loggedUserId) { return this.BadRequest("You are not the owner of the restaurant."); } var dbType = this.Data.MealTypes.All().FirstOrDefault(mt => mt.Id == model.TypeId); if (dbType == null) { return this.BadRequest($"Meal Type with Id: {dbType.Id} doesn't exist."); } var meal = new Meal { Name = model.Name, Price = model.Price, TypeId = model.TypeId, RestaurantId = model.RestaurantId }; this.Data.Meals.Add(meal); this.Data.SaveChanges(); var dbMeal = this.Data.Meals.All() .Where(m => m.Id == meal.Id) .Select(MealViewModel.Create) .FirstOrDefault(); return this.Created($"api/Meals/{meal.Id}", dbMeal); }
public IHttpActionResult CreateMeal([FromBody] CreateMealBindingModel mealModel) { if (!this.ModelState.IsValid) { return(this.BadRequest(this.ModelState)); } var type = this.Data.MealTypes.Find(mealModel.TypeId); var restaurant = this.Data.Restaurants.Find(mealModel.RestaurantId); if (type == null || restaurant == null) { return(this.BadRequest("Invalid type or restaurant id.")); } var userId = this.User.Identity.GetUserId(); ApplicationUser user = null; if (userId != null) { user = this.Data.Users.Find(userId); } if (user == null || userId != restaurant.OwnerId) { return(this.Unauthorized()); } var meal = new Meal() { Name = mealModel.Name, Price = mealModel.Price, RestaurantId = mealModel.RestaurantId, Restaurant = restaurant, TypeId = mealModel.TypeId, Type = type }; this.Data.Meals.Add(meal); this.Data.SaveChanges(); var mealView = new MealViewModel() { Id = meal.Id, Name = meal.Name, Price = meal.Price, Type = meal.Type.Name }; return(this.CreatedAtRoute( "DefaultApi", new { id = meal.Id, controller = "meals" }, mealView)); }