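/// <summary>
/// Updates an existing to-do list on behalf of the authenticated caller
/// (repository / unit-of-work variant).
/// </summary>
/// <param name="id">Identifier taken from the route; must equal <c>todoListDto.TodoListId</c>.</param>
/// <param name="todoListDto">Client-supplied representation of the list. Treated as untrusted input.</param>
/// <returns>
/// 400 when the body is missing, fails model validation or disagrees with <paramref name="id"/>;
/// 404 when the repository returns no stored list; 401 when the stored list belongs to another user;
/// 500 when saving raises a concurrency conflict; otherwise 200.
/// </returns>
public HttpResponseMessage PutTodoList(int id, TodoListDto todoListDto)
{
    if (!ModelState.IsValid)
    {
        return Request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState);
    }

    // A missing request body may bind to null without a model-state error;
    // reject it here instead of failing with a NullReferenceException below.
    if (todoListDto == null)
    {
        return Request.CreateResponse(HttpStatusCode.BadRequest);
    }

    if (id != todoListDto.TodoListId)
    {
        return Request.CreateResponse(HttpStatusCode.BadRequest);
    }

    // Ownership is decided by the server, never by the request body: pin the owner to the
    // authenticated caller so an update cannot reassign or blank out the list's UserId.
    todoListDto.UserId = User.Identity.Name;

    TodoList todoList = todoListDto.ToEntity();

    // NOTE(review): Find(TodoList) presumably looks the record up by its key - confirm in the repository.
    TodoList todoListInDb = _todoListRepository.Find(todoList);
    if (todoListInDb == null)
    {
        // Same response DeleteTodoList gives for an unknown id.
        return Request.CreateResponse(HttpStatusCode.NotFound);
    }

    // Authorization check against the STORED owner, not the value sent by the client.
    if (todoListInDb.UserId != User.Identity.Name)
    {
        // Trying to modify a record that does not belong to the user.
        // 401 is kept for client compatibility; 403 is the conventional status for an
        // authenticated caller who lacks rights on the resource.
        return Request.CreateResponse(HttpStatusCode.Unauthorized);
    }

    _todoListRepository.Edit(todoList);

    try
    {
        _uow.Save();
    }
    catch (DbUpdateConcurrencyException)
    {
        return Request.CreateResponse(HttpStatusCode.InternalServerError);
    }

    return Request.CreateResponse(HttpStatusCode.OK);
}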
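/// <summary>
/// Updates an existing to-do list on behalf of the authenticated caller
/// (direct <c>db</c> context variant).
/// </summary>
/// <param name="id">Identifier taken from the route; must equal <c>todoListDto.TodoListId</c>.</param>
/// <param name="todoListDto">Client-supplied representation of the list. Treated as untrusted input.</param>
/// <returns>
/// 400 when the body is missing, fails model validation or disagrees with <paramref name="id"/>;
/// 404 when no stored list has that id; 401 when the stored list belongs to another user;
/// 500 when saving raises a concurrency conflict; otherwise 200.
/// </returns>
public HttpResponseMessage PutTodoList(int id, TodoListDto todoListDto)
{
    if (!ModelState.IsValid)
    {
        return Request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState);
    }

    // A missing request body may bind to null without a model-state error;
    // reject it here instead of failing with a NullReferenceException below.
    if (todoListDto == null)
    {
        return Request.CreateResponse(HttpStatusCode.BadRequest);
    }

    if (id != todoListDto.TodoListId)
    {
        return Request.CreateResponse(HttpStatusCode.BadRequest);
    }

    // The owner must be read from the stored record. The previous check inspected
    // db.Entry(todoList).Entity, which is the object just built from the request body,
    // so it compared a caller-controlled UserId with the caller's own name and did not
    // protect records owned by other users.
    // NOTE(review): assumes TodoListId is the single primary key of TodoList - confirm.
    TodoList storedTodoList = db.TodoLists.Find(id);
    if (storedTodoList == null)
    {
        return Request.CreateResponse(HttpStatusCode.NotFound);
    }

    if (storedTodoList.UserId != User.Identity.Name)
    {
        // Trying to modify a record that does not belong to the user.
        // 401 is kept for client compatibility; 403 is the conventional status for an
        // authenticated caller who lacks rights on the resource.
        return Request.CreateResponse(HttpStatusCode.Unauthorized);
    }

    // Find() leaves the stored entity tracked; release it so the incoming entity with the
    // same key can be attached as Modified without a duplicate-key tracking conflict.
    db.Entry(storedTodoList).State = EntityState.Detached;

    // Pin the owner to the authenticated caller so the update cannot reassign the list.
    todoListDto.UserId = User.Identity.Name;
    TodoList todoList = todoListDto.ToEntity();

    db.Entry(todoList).State = EntityState.Modified;

    try
    {
        db.SaveChanges();
    }
    catch (DbUpdateConcurrencyException)
    {
        return Request.CreateResponse(HttpStatusCode.InternalServerError);
    }

    return Request.CreateResponse(HttpStatusCode.OK);
}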
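/// <summary>
/// Creates a new to-do list owned by the authenticated caller.
/// </summary>
/// <param name="todoListDto">Client-supplied representation of the list. Treated as untrusted input.</param>
/// <returns>
/// 400 when the body is missing or fails model validation; otherwise 201 with the created
/// list in the body and a <c>Location</c> header built from the "DefaultApi" route.
/// </returns>
public HttpResponseMessage PostTodoList(TodoListDto todoListDto)
{
    if (!ModelState.IsValid)
    {
        return Request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState);
    }

    // A missing request body may bind to null without a model-state error;
    // reject it here instead of failing with a NullReferenceException below.
    if (todoListDto == null)
    {
        return Request.CreateResponse(HttpStatusCode.BadRequest);
    }

    // The owner always comes from the authenticated identity; whatever UserId the
    // client sent is overwritten so a caller cannot create lists for another user.
    todoListDto.UserId = User.Identity.Name;

    TodoList todoList = todoListDto.ToEntity();
    db.TodoLists.Add(todoList);
    db.SaveChanges();

    // Copy the id assigned to the entity during the save back to the DTO returned to the client.
    todoListDto.TodoListId = todoList.TodoListId;

    HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.Created, todoListDto);
    response.Headers.Location = new Uri(Url.Link("DefaultApi", new { id = todoListDto.TodoListId }));
    return response;
}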
/// <summary>
/// Deletes the to-do list with the given id when it belongs to the authenticated caller.
/// </summary>
/// <param name="id">Identifier of the list to delete.</param>
/// <returns>
/// 404 when the repository has no list for <paramref name="id"/>; 401 when the stored list
/// belongs to another user; 500 when saving raises a concurrency conflict; otherwise 200
/// with a DTO of the deleted list.
/// </returns>
public HttpResponseMessage DeleteTodoList(int id)
{
    TodoList storedList = _todoListRepository.Find(id);

    if (storedList == null)
    {
        return Request.CreateResponse(HttpStatusCode.NotFound);
    }

    // Authorization is decided from the stored record's owner, not from anything in the request.
    bool callerOwnsList = storedList.UserId == User.Identity.Name;
    if (!callerOwnsList)
    {
        // Trying to delete a record that does not belong to the user
        return Request.CreateResponse(HttpStatusCode.Unauthorized);
    }

    // Build the response DTO before the entity is handed to the repository for deletion.
    TodoListDto deletedListDto = new TodoListDto(storedList);
    _todoListRepository.Delete(storedList);

    try
    {
        _uow.Save();
    }
    catch (DbUpdateConcurrencyException)
    {
        return Request.CreateResponse(HttpStatusCode.InternalServerError);
    }

    return Request.CreateResponse(HttpStatusCode.OK, deletedListDto);
}