public async Task <IActionResult> Post([FromBody] DTO.Shop dto) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } Model.Shop entity = CreateEntityFromDTO(dto); _context.Shops.Add(entity); await _context.SaveChangesAsync(); return(Created($"api/Shops/{entity.Id}", CreateDTOFromEntity(entity))); }
public async Task <IActionResult> Post(int shopId, [FromBody] DTO.OpeningPeriod dto) { Model.Shop shop = await FindShopById(shopId); if (shop == null) { return(NotFound()); } int userId = int.Parse(User.Claims.First(c => c.Type == PrivateClaims.UserId).Value); #region ... if (!User.IsInRole(Constants.Roles.Admin) && shop.OwnerId != userId) { return(Forbid()); } #endregion Model.OpeningPeriod entity = CreateEntityFromDTO(dto); shop.AddOpeningPeriod(entity); await _context.SaveChangesAsync(); return(Created($"api/{entity.Id}", CreateDTOFromEntity(entity))); }