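/// <summary>
/// Overwrites the stored role identified by <paramref name="id"/> with the values in <paramref name="role"/>.
/// </summary>
/// <param name="id">Role key taken from the request.</param>
/// <param name="role">Role payload bound from the request; its RoleId must equal <paramref name="id"/>.</param>
/// <returns>
/// 400 when model validation fails, the payload is missing, or its key differs from <paramref name="id"/>;
/// 404 when the save hits a concurrency conflict and the role no longer exists; 204 on success.
/// </returns>
public IHttpActionResult PutRole(int id, Role role)
{
    // NOTE(review): no caller check is visible inside this method. Confirm that an
    // authorization attribute or filter outside this block restricts who may edit roles.
    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // A request without a usable body can leave role null; answer 400 instead of
    // failing on the dereference below.
    if (role == null || id != role.RoleId)
    {
        return BadRequest();
    }

    // Marks every property of the payload as changed, so the whole row is rewritten.
    db.Entry(role).State = EntityState.Modified;

    try
    {
        db.SaveChanges();
    }
    catch (DbUpdateConcurrencyException)
    {
        // A conflict on a row that is gone is reported as 404; any other conflict propagates.
        if (!RoleExists(id))
        {
            return NotFound();
        }

        throw;
    }

    return StatusCode(HttpStatusCode.NoContent);
}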
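/// <summary>
/// Overwrites the stored exhibition identified by <paramref name="id"/> with the values in
/// <paramref name="exhibition"/>, provided the calling user has role id 2.
/// </summary>
/// <param name="id">Exhibition key taken from the request.</param>
/// <param name="exhibition">Exhibition payload; its ExhibitionId must equal <paramref name="id"/>.</param>
/// <returns>
/// 400 when model validation fails, the caller's role id is not 2, the payload is missing, or its key
/// differs from <paramref name="id"/>; 401 when the caller's name matches no stored user;
/// 404 when the save hits a concurrency conflict and the exhibition no longer exists; 204 on success.
/// </returns>
public IHttpActionResult PutExhibition(int id, Exhibition exhibition)
{
    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    string callerName = User.Identity.Name;
    User user = db.Users.FirstOrDefault(u => u.Username == callerName);

    // FirstOrDefault yields null when the caller's name has no row in Users; the role
    // test below would otherwise fail on the dereference.
    if (user == null)
    {
        return StatusCode(HttpStatusCode.Unauthorized);
    }

    // Role id 2 is the only role let through; its meaning is defined outside this block.
    // Kept as 400 so existing clients see the same response.
    // NOTE(review): 403 would describe a role refusal more accurately.
    if (user.RoleId != 2)
    {
        return BadRequest(ModelState);
    }

    // A request without a usable body can leave exhibition null.
    if (exhibition == null || id != exhibition.ExhibitionId)
    {
        return BadRequest();
    }

    // Marks every property of the payload as changed, so the whole row is rewritten.
    db.Entry(exhibition).State = EntityState.Modified;

    try
    {
        db.SaveChanges();
    }
    catch (DbUpdateConcurrencyException)
    {
        // A conflict on a row that is gone is reported as 404; any other conflict propagates.
        if (!ExhibitionExists(id))
        {
            return NotFound();
        }

        throw;
    }

    return StatusCode(HttpStatusCode.NoContent);
}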
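/// <summary>
/// Overwrites the stored user identified by <paramref name="id"/> with the values in <paramref name="user"/>.
/// A payload whose RoleId is 1 is refused.
/// </summary>
/// <param name="id">User key taken from the request.</param>
/// <param name="user">User payload; its UserId must equal <paramref name="id"/>.</param>
/// <returns>
/// 400 when model validation fails, the payload is missing, it carries RoleId 1, or its key differs
/// from <paramref name="id"/>; 404 when the save hits a concurrency conflict and the user no longer
/// exists; 204 on success.
/// </returns>
public IHttpActionResult PutUser(int id, User user)
{
    // NOTE(review): nothing in this method ties the caller to the record being edited, and
    // marking the whole entity Modified writes every property of the payload, RoleId included
    // (only the value 1 is refused). Confirm that an authorization filter outside this block
    // covers it, or load the stored row and copy across only the fields a caller may change.
    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // A request without a usable body can leave user null; answer 400 instead of failing
    // on the dereference below.
    if (user == null)
    {
        return BadRequest();
    }

    // Role id 1 may not be assigned through this endpoint.
    if (user.RoleId == 1)
    {
        return BadRequest(ModelState);
    }

    if (id != user.UserId)
    {
        return BadRequest();
    }

    db.Entry(user).State = EntityState.Modified;

    try
    {
        db.SaveChanges();
    }
    catch (DbUpdateConcurrencyException)
    {
        // A conflict on a row that is gone is reported as 404; any other conflict propagates.
        if (!UserExists(id))
        {
            return NotFound();
        }

        throw;
    }

    return StatusCode(HttpStatusCode.NoContent);
}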
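/// <summary>
/// Updates part of the stored posting identified by <paramref name="id"/>, depending on the caller's role:
/// role id 3 (teacher) may set Mark on a posting in a competition they own; role id 4 (student) may set
/// ImagePath and Quote on their own posting. Every other field keeps its stored value.
/// </summary>
/// <param name="id">Posting key taken from the URI.</param>
/// <param name="posting">Payload from the request body; only Mark, ImagePath and Quote are read from it.</param>
/// <returns>
/// 400 when model validation fails, the payload is missing, the caller's role is neither 3 nor 4, or the
/// ownership check fails; 401 when the caller's name matches no stored user; 404 when the posting does
/// not exist; 204 on success.
/// </returns>
public IHttpActionResult PutPosting([FromUri] int id, [FromBody] Posting posting)
{
    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // A request without a usable body can leave posting null.
    if (posting == null)
    {
        return BadRequest();
    }

    string callerName = User.Identity.Name;
    User user = db.Users.FirstOrDefault(u => u.Username == callerName);
    if (user == null)
    {
        return StatusCode(HttpStatusCode.Unauthorized);
    }

    // Roles are refused before the posting is looked up, so other roles get the same 400
    // whether or not the id exists.
    bool isTeacher = user.RoleId == 3; // TODO teacher
    bool isStudent = user.RoleId == 4; // TODO student
    if (!isTeacher && !isStudent)
    {
        return BadRequest();
    }

    Posting postingDB = db.Postings.FirstOrDefault(p => p.PostingId == id);
    if (postingDB == null)
    {
        return NotFound();
    }

    if (isTeacher)
    {
        // Ownership is decided from the competition recorded on the stored posting. The
        // CompetitionId in the request body is caller-controlled and must not select the
        // competition that the ownership test runs against.
        var storedCompetitionId = postingDB.CompetitionId;
        Competition competition = db.Competitions.FirstOrDefault(c => c.CompetitionId == storedCompetitionId);
        if (competition == null || user.UserId != competition.UserId)
        {
            return BadRequest();
        }

        postingDB.Mark = posting.Mark;
    }
    else
    {
        if (user.UserId != postingDB.UserId)
        {
            return BadRequest();
        }

        postingDB.ImagePath = posting.ImagePath;
        postingDB.Quote = posting.Quote;
    }

    db.Entry(postingDB).State = EntityState.Modified;

    try
    {
        db.SaveChanges();
    }
    catch (DbUpdateConcurrencyException)
    {
        // A conflict on a row that is gone is reported as 404; any other conflict propagates.
        if (!PostingExists(id))
        {
            return NotFound();
        }

        throw;
    }

    return StatusCode(HttpStatusCode.NoContent);
}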