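// Replaces the description of one account belonging to user `id`.
//   id          - ID of the user who owns the account.
//   account_id  - ID of the account to edit; it must be in that user's Accounts list.
//   description - new description from the request body, as a hex string that is
//                 decoded with HelperMethods.HexStringToByteArray before it is stored.
// Returns 401 with an ErrorMessage when the caller fails the user-or-admin check,
// 400 with an ErrorMessage when the user has no such account, and 200 (empty) on success.
public IActionResult User_EditAccountDesc(int id, int account_id, [FromBody] string description)
{
    // Authorization gate: the caller must be an admin or the user identified by `id`.
    if (!HelperMethods.ValidateIsUserOrAdmin(_httpContextAccessor, _context, id, _keyAndIV))
    {
        ErrorMessage error = new ErrorMessage("Invalid User", "Caller can only access their information.");
        return new UnauthorizedObjectResult(error);
    }

    // Ownership check: the account is resolved only through this user's own Accounts
    // collection, so an account_id belonging to another user is rejected.
    // The user and the account are each looked up once. A missing user now takes the same
    // 400 path as a missing account instead of throwing from Single().
    // NOTE(review): a missing user is presumably reachable when an admin passes an unknown id - confirm.
    var owner = _context.Users.SingleOrDefault(a => a.ID == id);
    Account accToEdit = owner?.Accounts.SingleOrDefault(b => b.ID == account_id);
    if (accToEdit == null)
    {
        ErrorMessage error = new ErrorMessage("Invalid account", "User does not have an account matching that ID.");
        return new BadRequestObjectResult(error);
    }

    // NOTE(review): what happens with a null or malformed hex body depends on
    // HexStringToByteArray, which is not visible here; confirm it fails cleanly.
    accToEdit.Description = HelperMethods.HexStringToByteArray(description);

    // NOTE(review): DateTime.Now.ToString() depends on server culture and time zone. It is left
    // unchanged because other code may parse the stored format; consider a UTC ISO-8601 value.
    accToEdit.LastModified = DateTime.Now.ToString();
    _context.SaveChanges();

    return Ok();
}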
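// Overwrites every editable field of one account belonging to user `id`.
//   id     - ID of the user who owns the account.
//   acc_id - ID of the account to edit; it must be in that user's Accounts list.
//   acc    - new field values from the request body; each field is a hex string that is
//            decoded with HelperMethods.HexStringToByteArray before it is stored.
// Returns 401 with an ErrorMessage when the caller fails the user-or-admin check,
// 400 with an ErrorMessage when the user has no such account or the body is missing,
// and 200 with a ReturnableAccount built from the updated record on success.
public IActionResult User_EditAccount(int id, int acc_id, [FromBody] NewAccount acc)
{
    // Authorization gate: the caller must be an admin or the user identified by `id`.
    if (!HelperMethods.ValidateIsUserOrAdmin(_httpContextAccessor, _context, id, _keyAndIV))
    {
        ErrorMessage error = new ErrorMessage("Invalid User", "Caller can only access their information.");
        return new UnauthorizedObjectResult(error);
    }

    // Ownership check: the account is resolved only through this user's own Accounts
    // collection, so an acc_id belonging to another user is rejected.
    // The user and the account are each looked up once. A missing user now takes the same
    // 400 path as a missing account instead of throwing from Single().
    // NOTE(review): a missing user is presumably reachable when an admin passes an unknown id - confirm.
    var owner = _context.Users.SingleOrDefault(a => a.ID == id);
    Account accToEdit = owner?.Accounts.SingleOrDefault(b => b.ID == acc_id);
    if (accToEdit == null)
    {
        ErrorMessage error = new ErrorMessage("Failed to edit account", "User does not have an account matching that ID.");
        return new BadRequestObjectResult(error);
    }

    // A missing or unparseable body binds to null. Reject it here so the field reads
    // below cannot throw a NullReferenceException and surface as a 500.
    if (acc == null)
    {
        ErrorMessage error = new ErrorMessage("Failed to edit account", "Request body is missing or could not be parsed.");
        return new BadRequestObjectResult(error);
    }

    // Decode every field before touching the entity, so a field that fails to decode
    // cannot leave the tracked record half-updated.
    // NOTE(review): what happens with null or malformed hex depends on HexStringToByteArray,
    // which is not visible here; confirm it fails cleanly.
    var title = HelperMethods.HexStringToByteArray(acc.Title);
    var login = HelperMethods.HexStringToByteArray(acc.Login);
    var password = HelperMethods.HexStringToByteArray(acc.Password);
    var url = HelperMethods.HexStringToByteArray(acc.Url);
    var description = HelperMethods.HexStringToByteArray(acc.Description);

    accToEdit.Title = title;
    accToEdit.Login = login;
    accToEdit.Password = password;
    accToEdit.Url = url;
    accToEdit.Description = description;

    // NOTE(review): DateTime.Now.ToString() depends on server culture and time zone. It is left
    // unchanged because other code may parse the stored format; consider a UTC ISO-8601 value.
    accToEdit.LastModified = DateTime.Now.ToString();
    _context.SaveChanges();

    // Return the updated record so the frontend can refresh without a second API call.
    // NOTE(review): the fields echoed back are whatever ReturnableAccount exposes (not visible here).
    return new OkObjectResult(new ReturnableAccount(accToEdit));
}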
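// Renames one folder belonging to user `id`.
//   id        - ID of the user who owns the folder.
//   folder_id - ID of the folder to rename; it must be in that user's Folders list.
//   name      - new folder name from the request body, as a hex string that is decoded
//               with HelperMethods.HexStringToByteArray before it is stored.
// Returns 401 with an ErrorMessage when the caller fails the user-or-admin check,
// 400 with an ErrorMessage when the user has no such folder, and 200 (empty) on success.
public IActionResult User_EditFolderName(int id, int folder_id, [FromBody] string name)
{
    // Authorization gate: the caller must be an admin or the user identified by `id`.
    if (!HelperMethods.ValidateIsUserOrAdmin(_httpContextAccessor, _context, id, _keyAndIV))
    {
        ErrorMessage error = new ErrorMessage("Invalid User", "Caller can only access their information.");
        return new UnauthorizedObjectResult(error);
    }

    // Ownership check: the folder is resolved only through this user's own Folders
    // collection, so a folder_id belonging to another user is rejected.
    // The user and the folder are each looked up once. A missing user now takes the same
    // 400 path as a missing folder instead of throwing from Single().
    // NOTE(review): a missing user is presumably reachable when an admin passes an unknown id - confirm.
    var owner = _context.Users.SingleOrDefault(a => a.ID == id);
    var folderToEdit = owner?.Folders.SingleOrDefault(b => b.ID == folder_id);
    if (folderToEdit == null)
    {
        ErrorMessage error = new ErrorMessage("Invalid Folder", "User does not have a folder matching that ID.");
        return new BadRequestObjectResult(error);
    }

    // NOTE(review): what happens with a null or malformed hex body depends on
    // HexStringToByteArray, which is not visible here; confirm it fails cleanly.
    folderToEdit.FolderName = HelperMethods.HexStringToByteArray(name);
    _context.SaveChanges();

    return Ok();
}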