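/// <summary>
/// Creates a new quotation owned by the calling user, creating the named
/// category first when it does not exist yet.
/// </summary>
/// <param name="quote">Author, category name and quote text supplied by the client.</param>
/// <returns>
/// 201 Created on success; 400 Bad Request when no quote was bound from the
/// request; 403 Forbidden when the caller is not authenticated or has no
/// matching user record.
/// </returns>
public HttpResponseMessage CreateQuote(QuotationViewModel quote)
{
    // Authentication is checked before anything else so that anonymous
    // callers always receive the same response, whatever they send.
    if (!User.Identity.IsAuthenticated)
    {
        return Request.CreateResponse(HttpStatusCode.Forbidden);
    }

    // quote is null when the request carried no body or the body could not
    // be bound; dereferencing it below would surface as an unhandled error.
    if (quote == null)
    {
        return Request.CreateResponse(HttpStatusCode.BadRequest);
    }

    // An authenticated identity whose account can no longer be found must
    // not create content: the quotation would be stored without an owner,
    // and the ownership check in UpdateQuote dereferences that owner.
    var user = userManager.FindById(User.Identity.GetUserId());
    if (user == null)
    {
        return Request.CreateResponse(HttpStatusCode.Forbidden);
    }

    // quote.Category is client-supplied and handed to the helper unchanged.
    // NOTE(review): confirm TryCreateCategory validates and bounds the name,
    // since any authenticated caller can add categories through this path.
    using (var categoryCreator = new CategoryCreationHelper())
    {
        categoryCreator.TryCreateCategory(quote.Category);
    }

    // Grab the category. First() throws if the helper did not leave a
    // matching row behind, which is reported to the client as a server error.
    var category = db.Categories.Where(c => c.Name.Equals(quote.Category)).First();

    // Create the quote. Only the three client fields are copied from the
    // view model; owner and timestamp are always set server-side.
    // NOTE(review): DateTime.Now is server-local time; it is kept so new rows
    // stay comparable with the values already stored.
    var newQuote = new Quotation
    {
        Author = quote.Author,
        Category = category,
        DateAdded = DateTime.Now,
        Quote = quote.Quote,
        User = user
    };

    db.Quotations.Add(newQuote);
    db.SaveChanges();

    return Request.CreateResponse(HttpStatusCode.Created);
}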
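/// <summary>
/// Updates the author, category and text of an existing quotation. Only an
/// administrator or the user who owns the quotation may update it.
/// </summary>
/// <param name="id">Identifier of the quotation to update.</param>
/// <param name="quote">New author, category name and quote text supplied by the client.</param>
/// <returns>
/// 200 OK on success; 404 Not Found when no quotation has the given id;
/// 403 Forbidden when the caller is neither an admin nor the owner;
/// 400 Bad Request when no quote was bound from the request.
/// </returns>
public HttpResponseMessage UpdateQuote(int id, QuotationViewModel quote)
{
    // NOTE(review): the existence check runs before the authorization check,
    // so any caller can tell which ids exist. Kept to preserve the current
    // responses; reorder if quotation ids are meant to be non-discoverable.
    var quoteToUpdate = db.Quotations.Where(q => q.QuotationId == id).FirstOrDefault();
    if (quoteToUpdate == null)
    {
        return Request.CreateResponse(HttpStatusCode.NotFound);
    }

    // Admins may edit any quotation. Everyone else must be authenticated and
    // be the stored owner. The user record is looked up only for
    // authenticated callers, and both sides of the comparison are
    // null-checked so an ownerless quotation or a missing account results in
    // a denial instead of a null dereference.
    var authorized = User.IsInRole("admin");
    if (!authorized && User.Identity.IsAuthenticated)
    {
        var user = userManager.FindById(User.Identity.GetUserId());
        authorized = user != null
            && quoteToUpdate.User != null
            && quoteToUpdate.User.Id.Equals(user.Id);
    }

    if (!authorized)
    {
        return Request.CreateResponse(HttpStatusCode.Forbidden);
    }

    // quote is null when the request carried no body or the body could not
    // be bound. Checked after authorization so unauthorized callers still
    // receive 403 regardless of what they send.
    if (quote == null)
    {
        return Request.CreateResponse(HttpStatusCode.BadRequest);
    }

    // quote.Category is client-supplied and handed to the helper unchanged.
    // NOTE(review): confirm TryCreateCategory validates and bounds the name.
    using (var categoryCreator = new CategoryCreationHelper())
    {
        categoryCreator.TryCreateCategory(quote.Category);
    }

    // Grab the category. First() throws if the helper did not leave a
    // matching row behind, which is reported to the client as a server error.
    var category = db.Categories.Where(c => c.Name.Equals(quote.Category)).First();

    // Update the quotation. Only the three editable fields are copied from
    // the view model; the owner and the creation date are never taken from
    // the request. The entity is marked Modified explicitly, as before.
    db.Entry(quoteToUpdate).State = System.Data.Entity.EntityState.Modified;
    quoteToUpdate.Category = category;
    quoteToUpdate.Author = quote.Author;
    quoteToUpdate.Quote = quote.Quote;

    db.SaveChanges();

    return Request.CreateResponse(HttpStatusCode.OK);
}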