/// <summary>
/// Returns the timeline goals of a project to a caller that has a ProjectUser row for it.
/// </summary>
/// <param name="idProject">Identifier of the project whose timeline is requested.</param>
/// <returns>
/// 404 when no ProjectUser row links the caller to the project; 401 when the project is
/// private and that row's HasAccess() is false; otherwise the list of goals for the project.
/// </returns>
public async Task<ActionResult<IEnumerable<Goal>>> GetTimeline(long idProject)
{
    // The membership row is selected by project AND by User.Id(), so the access decision
    // rests on a row stored for this caller rather than on anything sent in the request.
    var membership = await _context.ProjectUser
        .Include(m => m.Project)
        .FirstOrDefaultAsync(m => m.IdProject == idProject && m.IdUser == User.Id());

    if (membership is null)
    {
        return NotFound();
    }

    // Only a private project is gated on HasAccess(); a non-private project is served to
    // any caller that owns a membership row, whatever HasAccess() returns.
    // NOTE(review): the caller is already identified here, so 403 may describe this
    // refusal better than 401 - confirm what clients expect before changing it.
    var blockedOnPrivateProject = !membership.HasAccess() && membership.Project.IsPrivate;
    if (blockedOnPrivateProject)
    {
        return Unauthorized();
    }

    // Put the loaded Project back to Unchanged; this action never calls SaveChanges.
    _context.Entry(membership.Project).State = EntityState.Unchanged;

    // Copy scalar fields only and leave Project null, so the response does not carry
    // the parent project object along with each goal.
    var goals = await _context.Timelines
        .Where(t => t.IdProject == idProject)
        .Select(t => new Goal
        {
            Id = t.Id,
            IdProject = t.IdProject,
            Name = t.Name,
            Description = t.Description,
            StartDate = t.StartDate,
            ExpectedEndDate = t.ExpectedEndDate,
            EndDate = t.EndDate,
            Project = null
        })
        .ToListAsync();

    return goals;
}
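/// <summary>
/// Updates the editable fields of a project on behalf of one of its owners.
/// </summary>
/// <param name="id">Identifier of the project to update.</param>
/// <param name="projectVM">New values for the project, as sent by the client.</param>
/// <returns>
/// 400 when the body or its UserInfo is missing or its Id differs from <paramref name="id"/>;
/// 401 when the caller is not an owner; 404 when the project does not exist; 204 on success.
/// </returns>
public async Task<IActionResult> PutProject(long id, ProjectVM projectVM)
{
    // In-memory validation first.
    // The body is client-controlled: a missing body or missing UserInfo is answered with
    // 400 instead of failing with a null dereference on the checks below.
    if (projectVM?.UserInfo is null || id != projectVM.Id)
    {
        return BadRequest();
    }

    var currentUserId = User.Id();

    // Early rejection only. UserInfo comes from the request, so a caller can put any value
    // in it; the ownership check against the stored Users further down is what decides.
    if (projectVM.UserInfo.IdUser != currentUserId
        || projectVM.UserInfo.TypePermission != TypesOfPermissions.Owner)
    {
        return Unauthorized();
    }

    // Then verify against the database.
    var project = await _context.Projects
        .Where(p => p.Id == id)
        .Include(p => p.Users)
        .FirstOrDefaultAsync();

    if (project is null)
    {
        return NotFound();
    }

    // Authoritative check: the caller must appear among the stored users as an owner.
    // NOTE(review): the caller is already identified at this point, so 403 may describe
    // this refusal better than 401 - confirm what clients expect before changing it.
    var isOwner = project.Users.Any(u => u.IdUser == currentUserId && u.IsOwner());
    if (!isOwner)
    {
        return Unauthorized();
    }

    // Only these five fields are copied from the view model; Id, Users and every other
    // member of the entity are left as loaded, so the body cannot overwrite them.
    project.Name = projectVM.Name;
    project.Description = projectVM.Description;
    project.StartDate = projectVM.StartDate;
    project.ExpectedEndDate = projectVM.ExpectedEndDate;
    project.IsPrivate = projectVM.IsPrivate;

    // Marks the whole entity as modified before saving.
    _context.Entry(project).State = EntityState.Modified;
    await _context.SaveChangesAsync();

    return NoContent();
}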