public async Task <IHttpActionResult> Delete(int id)
{
try
{
var currentUser = await GetCurrentUser();
TradeOrderBLL bll = new TradeOrderBLL(_unit);
bool isAdmin = await AppUserManager.IsInRoleAsync(currentUser.Id, "Admin");
if (isAdmin)
{
bll.RemoveOrder(id);
}
else
{
var o = bll.GetByID(id);
if (o.UpdatedBy == currentUser.Id)
{
bll.RemoveOrder(id);
}
else
{
BadRequest("You don't have permission to delete this order.");
}
}
}
catch (Exception ex)
{
LogHelper.Error(_log, ex.ToString());
return(InternalServerError(ex));
}
return(Ok());
}
public void Test_UpdateOrder()
{
TradeOrderBLL bll = new TradeOrderBLL(_unit);
var order = bll.GetByID(58);
TradeOrder to = new TradeOrder();
to = ObjHelper.DeepCopy(order);
to.Id = order.Id;
to.Size = 1000;
bll.UpdateOrder(to);
}