public async Task <ActionResult> Post(ReviewUpsertDto reviewUpsertDto)
{
var userId = Convert.ToInt32(HttpContext.User.Claims.ToList()[0].Value);
var reviewReadDto = await _reviewService.CreateReviewReadDto(reviewUpsertDto, userId);
_logger.LogInformation(LogMessages.EntityCreated);
return(CreatedAtAction(nameof(Get), new { reviewReadDto.Id }, reviewReadDto));
}
public async Task <ActionResult> Put(int id, ReviewUpsertDto reviewUpsertDto)
{
var userId = Convert.ToInt32(HttpContext.User.Claims.ToList()[0].Value);
var userRole = HttpContext.User.Claims.ToList()[3].Value;
await _reviewService.UpdateReview(id, reviewUpsertDto, userId, userRole);
_logger.LogInformation(LogMessages.EntityUpdated);
return(Ok());
}
public async Task <ReviewReadDto> CreateReviewReadDto(ReviewUpsertDto reviewUpsertDto, int userId)
{
var review = _mapper.Map <Review>(reviewUpsertDto);
review.UserId = userId;
await _unitOfWork.Reviews.Create(review);
await _unitOfWork.Save();
return(_mapper.Map <ReviewReadDto>(review));
}
public async Task UpdateReview(int id, ReviewUpsertDto reviewUpsertDto, int userId, string userRole)
{
var review = await FindReview(id);
if (review.UserId != userId && userRole != "Admin")
{
throw new BadRequestException("Unauthorized Attempt");
}
_mapper.Map(reviewUpsertDto, review);
await _unitOfWork.Reviews.Update(review);
await _unitOfWork.Save();
}
