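/// <summary>
/// Creates a new task under an existing assignment on behalf of the signed-in teacher.
/// </summary>
/// <param name="taskDTO">Task details from the request body, including the id of the target assignment.</param>
/// <returns>
/// 401 when no teacher account is resolved from the "user" cookie, or when the caller's access role on the
/// assignment's course is not "Teacher"; 400 when the body is missing or invalid, the assignment or its
/// course cannot be found, or the save reports an error; otherwise a redirect to the assignment page.
/// </returns>
public IHttpActionResult PostTask(TaskDetailDTO taskDTO)
{
    // NOTE(review): the caller is identified solely by the "user" cookie and this action changes state.
    // No anti-forgery check is visible in this method; confirm one is enforced elsewhere (filter/handler).
    Authorize auth = new Authorize();
    User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault());
    if (authorizedUser == null || authorizedUser.GetTeacher() == null)
    {
        return Unauthorized();
    }

    // A missing or unparseable body binds to null. Reject it here instead of letting
    // taskDTO.NewAssignmentId throw and surface as a 500 (PutTask already guards this case).
    if (taskDTO == null)
    {
        return BadRequest();
    }

    Assignment assignment = db.Assignments.Find(taskDTO.NewAssignmentId);
    if (!ModelState.IsValid || assignment == null || assignment.Course == null || !taskDTO.Validate(null, assignment))
    {
        return BadRequest();
    }

    // Object-level authorization: being a teacher is not enough, the caller must hold the
    // "Teacher" role on the specific course that owns the target assignment.
    // NOTE(review): an authenticated caller without that role gets 401 here; 403 is the conventional
    // status for that case. Left unchanged because clients may depend on it.
    if (!"Teacher".Equals(auth.GetAccessRole(authorizedUser, assignment.Course)))
    {
        return Unauthorized();
    }

    Task task = taskDTO.Create();
    string error = db.Update(task, Added);
    if (error != null)
    {
        // NOTE(review): the raw error string from db.Update goes back to the client; verify that it
        // cannot carry internal details (schema names, SQL text, stack traces).
        return BadRequest(error);
    }

    // NOTE(review): the redirect target is assembled from Request.RequestUri, which normally mirrors the
    // Host header sent by the client. Unless the hosting layer restricts accepted host names, the
    // Location value is client-influenced; a configured base URL or a route-relative link avoids that.
    string location = "https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Assignments/" + assignment.Id;
    return Redirect(location);
}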
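/// <summary>
/// Updates an existing task on behalf of the signed-in teacher.
/// </summary>
/// <param name="id">Primary key of the task to update.</param>
/// <param name="taskDTO">Replacement task details from the request body.</param>
/// <returns>
/// 401 when no teacher account is resolved from the "user" cookie, or when the caller's access role on the
/// task's course is not "Teacher"; 400 when the body is missing or invalid, the task (or its assignment or
/// course) cannot be found, validation fails, or the save reports an error; otherwise a redirect to the
/// page of the assignment that owns the task.
/// </returns>
public IHttpActionResult PutTask(int id, TaskDetailDTO taskDTO)
{
    // NOTE(review): the caller is identified solely by the "user" cookie and this action changes state.
    // No anti-forgery check is visible in this method; confirm one is enforced elsewhere (filter/handler).
    Authorize auth = new Authorize();
    User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault());
    if (authorizedUser == null || authorizedUser.GetTeacher() == null)
    {
        return Unauthorized();
    }

    Task task = db.Tasks.Find(id);

    // Only hand ModelState to BadRequest when it actually holds errors. Web API 2 builds the response
    // body through HttpError, which rejects a valid ModelState, so the previous combined check turned
    // "task not found" or "empty body" into a server error instead of a 400.
    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    if (taskDTO == null || task == null || task.Assignment == null || task.Assignment.Course == null)
    {
        return BadRequest();
    }

    // Object-level authorization: the role is checked against the course of the task being edited,
    // so a teacher of one course cannot modify tasks that belong to another.
    // NOTE(review): an authenticated caller without that role gets 401 here; 403 is the conventional
    // status for that case. Left unchanged because clients may depend on it.
    Course course = task.Assignment.Course;
    if (!"Teacher".Equals(auth.GetAccessRole(authorizedUser, course)))
    {
        return Unauthorized();
    }

    // Validation runs only after the caller is authorized for this course.
    if (!taskDTO.Validate(task, task.Assignment))
    {
        return BadRequest();
    }

    taskDTO.Update(task);
    string error = db.Update(task, Modified);
    if (error != null)
    {
        // NOTE(review): the raw error string from db.Update goes back to the client; verify that it
        // cannot carry internal details (schema names, SQL text, stack traces).
        return BadRequest(error);
    }

    // NOTE(review): the redirect target is assembled from Request.RequestUri, which normally mirrors the
    // Host header sent by the client. Unless the hosting layer restricts accepted host names, the
    // Location value is client-influenced; a configured base URL or a route-relative link avoids that.
    string location = "https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Assignments/" + task.Assignment.Id;
    return Redirect(location);
}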