public IActionResult EditDebt([FromBody] DebtEditDto debtDto) { try { _debtsService.Update(debtDto); return(Ok()); } catch (NotFoundException) { return(NotFound()); } catch (ForbiddenException) { return(Forbid()); } }
public void Update(DebtEditDto debtDto) { var debt = _context.Debts.Find(debtDto.Id); var userId = Convert.ToInt32(_httpContextAccessor.HttpContext.User.FindFirst(ClaimTypes.NameIdentifier)?.Value); if (debt == null) { throw new NotFoundException(); } bool isAccessAllow = userId == debt.GiverId || userId == debt.TakerId; if (!isAccessAllow) { throw new ForbiddenException(); } debt.Sum = debtDto.Sum; debt.Deadline = debtDto.Deadline; debt.Description = debtDto.Description; _context.SaveChanges(); }