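/// <summary>
/// Applies the posted edit to an existing transaction, adjusts the bank account
/// balance for the amount change, and returns the updated transaction.
/// </summary>
/// <param name="id">Identifier of the transaction to edit.</param>
/// <param name="model">
/// Posted edit data. <c>CategoryId</c> and <c>Amount</c> are read directly here;
/// the remaining values are copied onto the entity by <c>Mapper.Map</c>.
/// </param>
/// <returns>
/// 400 when the model is missing or invalid, when the caller is neither the household
/// owner nor the transaction owner, or when the category is not in the transaction's
/// household; 404 when no transaction has the given id; otherwise 200 with the mapped
/// <c>TransactionViewModel</c>.
/// </returns>
public IHttpActionResult Edit(int id, EditTransactionBindingModel model)
{
    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // A request without a body can bind model to null while ModelState is still valid;
    // reject it here instead of failing with a NullReferenceException further down.
    if (model == null)
    {
        return BadRequest("Request body is required");
    }

    var userId = User.Identity.GetUserId();

    var transaction = Context
        .Transactions
        .FirstOrDefault(p => p.Id == id);

    if (transaction == null)
    {
        return NotFound();
    }

    // Authorization: only the household owner or the transaction's own owner may edit.
    // NOTE(review): the failure is reported as 400, not 403, and differs from the 404
    // above, so a caller without access can tell existing ids from missing ones.
    // Left unchanged because clients may depend on the current status codes.
    if (transaction.BankAccount.Household.OwnerId != userId
        && transaction.OwnerId != userId)
    {
        ModelState.AddModelError("", "You are not allowed to edit this transaction");
        return BadRequest(ModelState);
    }

    // The category lookup is scoped to the transaction's household so that a caller
    // cannot attach a category that belongs to a different household.
    var category = Context
        .Categories
        .FirstOrDefault(p => p.Id == model.CategoryId
            && p.HouseholdId == transaction.BankAccount.HouseholdId);

    if (category == null)
    {
        ModelState.AddModelError("", "Category doesn't exist in this household");
        return BadRequest(ModelState);
    }

    // Voided transactions do not take part in the balance, so only live ones are
    // re-applied: remove the old amount, then add the new one.
    if (!transaction.IsVoided)
    {
        transaction.BankAccount.Balance -= transaction.Amount;
        transaction.BankAccount.Balance += model.Amount;
    }

    // NOTE(review): DateTime.Now is local server time; DateTime.UtcNow would be
    // unambiguous for an audit field, but switching changes stored values - confirm.
    transaction.DateUpdated = DateTime.Now;

    // NOTE(review): Mapper.Map copies whatever the mapping profile covers onto the
    // entity. Confirm the profile is limited to editable fields and excludes
    // ownership, account and voided state, so those cannot be over-posted.
    Mapper.Map(model, transaction);
    Context.SaveChanges();

    var result = Mapper.Map<TransactionViewModel>(transaction);
    return Ok(result);
}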
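/// <summary>
/// Updates the description, date, amount and category of an existing transaction and
/// re-applies its amount to the account balance.
/// </summary>
/// <param name="model">
/// Posted edit data; <c>TransactionId</c> selects the transaction and
/// <c>Description</c>, <c>Date</c>, <c>Amount</c> and <c>CategoryId</c> are written to it.
/// </param>
/// <returns>
/// 400 when the model is missing or invalid, when no transaction matches
/// <c>TransactionId</c>, or when the caller is neither the household creator nor one of
/// its members; otherwise an empty 200.
/// </returns>
public IHttpActionResult Edit(EditTransactionBindingModel model)
{
    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // A request without a body can bind model to null while ModelState is still valid;
    // reject it here instead of failing with a NullReferenceException further down.
    if (model == null)
    {
        return BadRequest("Request body is required");
    }

    var userId = User.Identity.GetUserId();

    var transaction = _db.Transactions
        .FirstOrDefault(p => p.Id == model.TransactionId);

    if (transaction == null)
    {
        return BadRequest("Transaction doesn't exist");
    }

    // Authorization: the caller must be the household creator or one of its members.
    // NOTE(review): the two 400 messages let a caller without access tell existing
    // transaction ids from missing ones; kept because clients may rely on them.
    var houseHold = transaction.Account.HouseHold;
    var callerBelongsToHousehold = houseHold.CreatorId == userId
        || houseHold.Members.Any(p => p.Id == userId);

    if (!callerBelongsToHousehold)
    {
        return BadRequest("Not authorized");
    }

    // Remove the old amount before overwriting it, then add the new one back.
    transaction.Account.Balance -= transaction.Amount;

    transaction.Description = model.Description;
    transaction.Date = model.Date;
    transaction.Amount = model.Amount;

    // NOTE(review): CategoryId is stored as posted. Nothing here checks that the
    // category exists or belongs to this household, so a member could reference a
    // category owned by another household. Look the category up scoped to houseHold
    // and return 400 when it is missing; the category entity is not visible from
    // this method, so the check is not added here.
    transaction.CategoryId = model.CategoryId;

    transaction.Account.Balance += transaction.Amount;

    _db.SaveChanges();
    return Ok();
}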