public async Task <IHttpActionResult> Patch(int key, Delta <ElementField> patch) { var elementField = await _resourcePoolManager.GetElementFieldSet(key, true, item => item.Element.ResourcePool).SingleOrDefaultAsync(); // Owner check: Entity must belong to the current user var currentUserId = User.Identity.GetUserId <int>(); if (currentUserId != elementField.Element.ResourcePool.UserId) { return(StatusCode(HttpStatusCode.Forbidden)); } patch.Patch(elementField); await _resourcePoolManager.SaveChangesAsync(); return(Ok(elementField)); }
public async Task <IHttpActionResult> Patch(int key, Delta <ResourcePool> patch) { var resourcePool = await _resourcePoolManager.GetResourcePoolSet(key).SingleOrDefaultAsync(); // Owner check: Entity must belong to the current user var currentUserId = User.Identity.GetUserId <int>(); if (currentUserId != resourcePool.UserId) { return(StatusCode(HttpStatusCode.Forbidden)); } patch.Patch(resourcePool); try { await _resourcePoolManager.SaveChangesAsync(); } catch (DbUpdateException) { // Unique key exception if (!patch.GetChangedPropertyNames().Any(item => item == "Key")) { throw; } patch.TryGetPropertyValue("Key", out object resourcePoolKey); if (resourcePoolKey == null) { throw; } if (await _resourcePoolManager.GetResourcePoolSet(null, false).AnyAsync(item => item.Key == resourcePoolKey.ToString())) { return(new UniqueKeyConflictResult(Request, "Key", resourcePoolKey.ToString())); } throw; } return(Ok(resourcePool)); }
public async Task <IHttpActionResult> Patch(int userId, int elementCellId, Delta <UserElementCell> patch) { // Owner check: Entity must belong to the current user var currentUserId = User.Identity.GetUserId <int>(); if (currentUserId != userId) { return(StatusCode(HttpStatusCode.Forbidden)); } // REMARK UserCommandTreeInterceptor already filters "userId" on EntityFramework level, but that might be removed later on / coni2k - 31 Jul. '17 var userElementCell = await _resourcePoolManager.GetUserElementCellSet(userId, elementCellId).SingleOrDefaultAsync(); patch.Patch(userElementCell); await _resourcePoolManager.SaveChangesAsync(); return(Ok(userElementCell)); }