예제 #1
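        /// <summary>
        /// Creates a new task under an existing assignment on behalf of the caller
        /// identified by the "user" cookie.
        /// </summary>
        /// <param name="taskDTO">
        /// Task details supplied by the caller; <c>NewAssignmentId</c> selects the parent assignment.
        /// </param>
        /// <returns>
        /// <c>Unauthorized</c> when the caller cannot be resolved, has no teacher record, or does not
        /// hold the "Teacher" role on the assignment's course; <c>BadRequest</c> when the payload is
        /// missing or invalid, the assignment or its course cannot be found, or the save reports an
        /// error; otherwise a redirect to the assignment page.
        /// </returns>
        public IHttpActionResult PostTask(TaskDetailDTO taskDTO)
        {
            // NOTE(review): the caller is identified only by the "user" cookie on a state-changing
            // request; confirm anti-forgery (CSRF) protection is enforced elsewhere in the pipeline.
            Authorize auth           = new Authorize();
            User      authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault());

            if (authorizedUser == null || authorizedUser.GetTeacher() == null)
            {
                return Unauthorized();
            }

            // A missing payload must be rejected before it is dereferenced; PutTask already guards
            // this, whereas here a null DTO previously surfaced as an unhandled NullReferenceException.
            if (taskDTO == null || !ModelState.IsValid)
            {
                return BadRequest();
            }
            Assignment assignment = db.Assignments.Find(taskDTO.NewAssignmentId);

            if (assignment == null || assignment.Course == null)
            {
                return BadRequest();
            }

            // Check the course-level role before validating the payload against the assignment, in
            // the same order as PutTask, so a caller without access to the course is refused before
            // any validation outcome for that assignment is reported.
            if (!"Teacher".Equals(auth.GetAccessRole(authorizedUser, assignment.Course)))
            {
                return Unauthorized();
            }
            if (!taskDTO.Validate(null, assignment))
            {
                return BadRequest();
            }
            Task   task  = taskDTO.Create();
            string error = db.Update(task, Added);

            // A non-null return from db.Update is treated as an error message.
            // NOTE(review): that text is sent to the client verbatim; confirm it never carries
            // internal detail such as SQL or stack information.
            if (error != null)
            {
                return BadRequest(error);
            }

            // NOTE(review): host and port come from the request URI, which normally reflects the
            // client-supplied Host header; confirm the hosting layer restricts accepted host names,
            // or build the redirect from a configured base address.
            return Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Assignments/" + assignment.Id);
        }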
예제 #2
        /// <summary>
        /// Applies the supplied details to an existing task on behalf of the caller identified by
        /// the "user" cookie.
        /// </summary>
        /// <param name="id">Key used to look the task up in <c>db.Tasks</c>.</param>
        /// <param name="taskDTO">New task details supplied by the caller.</param>
        /// <returns>
        /// <c>Unauthorized</c> when the caller cannot be resolved, has no teacher record, or does not
        /// hold the "Teacher" role on the task's course; <c>BadRequest</c> when the payload, the task,
        /// its assignment or its course is missing, the model state or validation fails, or the save
        /// reports an error; otherwise a redirect to the assignment page.
        /// </returns>
        public IHttpActionResult PutTask(int id, TaskDetailDTO taskDTO)
        {
            // NOTE(review): the caller is identified only by the "user" cookie on a state-changing
            // request; confirm anti-forgery (CSRF) protection is enforced elsewhere in the pipeline.
            var authorizer = new Authorize();
            var userCookie = Request.Headers.GetCookies("user").FirstOrDefault();
            User caller = authorizer.GetAuthorizedUser(userCookie);

            if (caller == null || caller.GetTeacher() == null)
            {
                return Unauthorized();
            }

            Task existing = db.Tasks.Find(id);

            // Reject the request when the payload or the stored task is missing ...
            if (taskDTO == null || existing == null)
            {
                return BadRequest(ModelState);
            }

            // ... or when the task is not attached to an assignment and course, or binding failed.
            if (existing.Assignment == null || existing.Assignment.Course == null || !ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            // The course-level role is checked before the payload is validated against the task.
            Course owningCourse = existing.Assignment.Course;
            var role = authorizer.GetAccessRole(caller, owningCourse);

            if (!"Teacher".Equals(role))
            {
                return Unauthorized();
            }

            if (!taskDTO.Validate(existing, existing.Assignment))
            {
                return BadRequest();
            }

            taskDTO.Update(existing);
            string saveError = db.Update(existing, Modified);

            // A non-null return from db.Update is treated as an error message.
            // NOTE(review): that text is sent to the client verbatim; confirm it never carries
            // internal detail such as SQL or stack information.
            if (saveError != null)
            {
                return BadRequest(saveError);
            }

            // NOTE(review): host and port come from the request URI, which normally reflects the
            // client-supplied Host header; confirm the hosting layer restricts accepted host names.
            var origin = "https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port;

            // The assignment is re-read here, after taskDTO.Update has run, as in the original.
            return Redirect(origin + "/Assignments/" + existing.Assignment.Id);
        }