public async Task <bool> AddStudentAsync(long courseId, string studentId) { var getCourseTask = _coursesRepository.GetAsync(courseId); var getCourseMateTask = _courseMatesRepository.FindAsync(cm => cm.CourseId == courseId && cm.StudentId == studentId); await Task.WhenAll(getCourseTask, getCourseMateTask); if (getCourseTask.Result == null || getCourseMateTask.Result != null) { return(false); } var courseMate = new CourseMate { CourseId = courseId, StudentId = studentId, IsAccepted = getCourseTask.Result.IsOpen }; await _courseMatesRepository.AddAsync(courseMate); return(true); }
public async void OnAuthorization(AuthorizationFilterContext context) { var routeData = context.HttpContext.GetRouteData(); var query = context.HttpContext.Request.Query; if (routeData.Values.TryGetValue("courseId", out var courseId)) { var userId = query.SingleOrDefault(x => x.Key == "_id").Value; var course = await _coursesRepository.GetAsync(long.Parse(courseId.ToString())); if (course?.MentorId != userId) { context.Result = new StatusCodeResult(StatusCodes.Status403Forbidden); } } }