public IActionResult CreateDebt([FromBody] DebtInboxDto debtDto)
{
try
{
_debtsService.CreateDebt(debtDto);
return(Ok());
}
catch (ForbiddenException)
{
return(Forbid());
}
}
public void CreateDebt(DebtInboxDto debtDto)
{
var userId = Convert.ToInt32(_httpContextAccessor.HttpContext.User.FindFirst(ClaimTypes.NameIdentifier)?.Value);
bool isAccessAllow = userId == debtDto.GiverId || userId == debtDto.TakerId;
if (!isAccessAllow)
{
throw new ForbiddenException();
}
Debt debt = _mapper.Map <Debt>(debtDto);
debt.IsActive = true;
debt.Date = DateTimeOffset.Now;
_context.Debts.Add(debt);
_context.SaveChanges();
}
