public IHttpActionResult EditMeal(int id, EditMealBindingModel model)
{
var loggedUserId = this.User.Identity.GetUserId();
var user = this.Data.Users.Find(loggedUserId);
var meal = this.Data.Meals.FirstOrDefault(m => m.Id == id);
if (meal == null)
{
return(this.NotFound());
}
if (user.Id != meal.Restaurant.OwnerId)
{
return(this.Unauthorized());
}
if (model == null)
{
return(this.BadRequest());
}
if (!ModelState.IsValid)
{
return(this.BadRequest());
}
if (!this.Data.MealTypes.Any(m => m.Id == model.TypeId))
{
return(this.BadRequest());
}
meal.Name = model.Name;
meal.Price = model.Price;
meal.TypeId = model.TypeId;
this.Data.SaveChanges();
return(this.CreatedAtRoute(
"DefaultApi",
new { id = meal.Id },
new GetMealsViewModel()
{
Id = meal.Id,
Name = meal.Name,
Price = meal.Price,
Type = this.Data.MealTypes
.Where(mt => mt.Id == meal.TypeId)
.Select(mt => mt.Name).First()
}));
}
public IHttpActionResult EditMeal(int id, EditMealBindingModel mealBindingModel)
{
var userId = this.User.Identity.GetUserId();
if (mealBindingModel == null)
{
return this.BadRequest("Data is missing");
}
if (!this.ModelState.IsValid)
{
return this.BadRequest(this.ModelState);
}
var meal = this.Data.Meals.GetAll().FirstOrDefault(m => m.Id == id);
if (meal == null)
{
return this.NotFound();
}
if (userId != meal.Restaurant.OwnerId)
{
return this.Unauthorized();
}
meal.Name = mealBindingModel.Name;
meal.Price = mealBindingModel.Price;
meal.TypeId = mealBindingModel.TypeId;
this.Data.SaveChanges();
var mealView = this.Data.Meals.GetAll()
.Where(m => m.Id == meal.Id)
.Select(MealViewModel.Create())
.FirstOrDefault();
return this.Ok(mealView);
}
public void EditExistingMealShouldEditMealCorrectlly()
{
var loginData = this.Login("uti");
this.client.DefaultRequestHeaders.Add("Authorization", "Bearer " + loginData.Access_Token);
var meal = this.context.Meals.FirstOrDefault();
if (meal == null)
{
Assert.Fail("No meals in the database.");
}
var type = meal.Type;
var editMeal = new EditMealBindingModel
{
Name = "Meal One",
Price = 1M,
TypeId = type.Id
};
var editMealBody = new FormUrlEncodedContent(new[]
{
new KeyValuePair<string, string>("name", editMeal.Name),
new KeyValuePair<string, string>("price", editMeal.Price.ToString(CultureInfo.InvariantCulture)),
new KeyValuePair<string, string>("typeId", editMeal.TypeId.ToString())
});
var editMealResponse = this.client.PutAsync("api/meals/" + meal.Id, editMealBody).Result;
var mealResponse = editMealResponse.Content.ReadAsAsync<MealViewModel>().Result;
Assert.AreEqual(editMeal.Name, mealResponse.Name);
Assert.AreEqual(editMeal.Price, mealResponse.Price);
Assert.AreEqual(type.Name, mealResponse.Type);
// Clean headers
this.client.DefaultRequestHeaders.Remove("Authorization");
}
public void EditExistingMealUnauthorizedShouldReturn401Unauthorize()
{
var meal = this.context.Meals.FirstOrDefault();
if (meal == null)
{
Assert.Fail("No meals in the database.");
}
var type = meal.Type;
var editMeal = new EditMealBindingModel
{
Name = "Meal One",
Price = 1M,
TypeId = type.Id
};
var editMealBody = new FormUrlEncodedContent(new[]
{
new KeyValuePair<string, string>("name", editMeal.Name),
new KeyValuePair<string, string>("price", editMeal.Price.ToString(CultureInfo.InvariantCulture)),
new KeyValuePair<string, string>("typeId", editMeal.TypeId.ToString())
});
var editMealResponse = this.client.PutAsync("api/meals/" + meal.Id, editMealBody).Result;
Assert.AreEqual(HttpStatusCode.Unauthorized, editMealResponse.StatusCode);
}