public async Task <IActionResult> PutCustomer(EditCustomerDTO customerDTO)
{
var customer = new Customer(customerDTO.FirstName, customerDTO.LastName, customerDTO.Email, customerDTO.Id);
_context.Entry(customer).State = EntityState.Modified;
await _context.SaveChangesAsync();
return(NoContent());
}
public async Task EditCustomer(int id, EditCustomerDTO editCustomerDTO)
{
var dbCustomer = dbContext.Customers
.FirstOrDefault(x => x.Id == id);
//Parameter tampering
dbCustomer.FirstName = editCustomerDTO.FirstName;
dbCustomer.LastName = editCustomerDTO.LastName;
dbCustomer.Email = editCustomerDTO.Email;
await this.dbContext.SaveChangesAsync();
}
public async Task <IActionResult> Put(int id, EditCustomerDTO editCustomerDTO)
{
await customerService.EditCustomer(id, editCustomerDTO);
return(Ok(editCustomerDTO));
}