// PUT: odata/Groups(5) public async Task <IHttpActionResult> Put([FromODataUri] int key, Delta <Group> patch) { Validate(patch.GetEntity()); if (!ModelState.IsValid) { return(BadRequest(ModelState)); } Group group = await db.Groups.FindAsync(key); if (group == null) { return(NotFound()); } var check = AuthorizeLogic.VerifyGroupEditPermission(group); if (check) { patch.Put(group); try { await db.SaveChangesAsync(); } catch (DbUpdateConcurrencyException) { if (!GroupExists(key)) { return(NotFound()); } else { throw; } } return(Updated(group)); } else { return(Unauthorized()); } }
// POST[Authorize]: odata/Groups public async Task <IHttpActionResult> Post(Group group) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var check = AuthorizeLogic.VerifyGroupEditPermission(group); if (check) { db.Groups.Add(group); await db.SaveChangesAsync(); return(Created(group)); } else { return(Unauthorized()); } }
// DELETE: odata/Groups(5) public async Task <IHttpActionResult> Delete([FromODataUri] int key) { Group group = await db.Groups.FindAsync(key); if (group == null) { return(NotFound()); } var check = AuthorizeLogic.VerifyGroupEditPermission(group); if (check) { db.Groups.Remove(group); await db.SaveChangesAsync(); return(StatusCode(HttpStatusCode.NoContent)); } else { return(Unauthorized()); } }