public async Task <IActionResult> PutPicture(int id, Picture picture) { var authorizedUser = await Authentication.GetAuthenticatedUserAsync(_context, Request); if (authorizedUser.Result is UnauthorizedResult) { return(Unauthorized()); } if (authorizedUser.Value == null) { return(Unauthorized()); } if (picture.ArtistId.HasValue && picture.ArtistId != authorizedUser.Value.Id) { return(Unauthorized()); } else if (picture.HostId.HasValue && picture.ArtistId != authorizedUser.Value.Id) { return(Unauthorized()); } else if (picture.EventId.HasValue) { Event @event = await _context.Events.FindAsync(picture.EventId.Value); if (@event == null) { return(BadRequest()); } else if (@event.HostId != authorizedUser.Value.Id) { return(Unauthorized()); } } if (id != picture.Id) { return(BadRequest()); } _context.Entry(picture).State = EntityState.Modified; try { await _context.SaveChangesAsync(); } catch (DbUpdateConcurrencyException) { if (!PictureExists(id)) { return(NotFound()); } else { throw; } } return(Ok()); }
public async Task <IActionResult> PutParticipation(int id, Participation participation) { var authorizedUser = await Authentication.GetAuthenticatedUserAsync(_context, Request); if (authorizedUser.Result is UnauthorizedResult) { return(Unauthorized()); } var @event = await _context.Events.FindAsync(participation.EventId); if (authorizedUser.Value == null) { return(Unauthorized()); } if (!(participation.ArtistId == authorizedUser.Value.Id || @event.HostId == authorizedUser.Value.Id)) { return(Unauthorized()); } if (id != participation.Id) { return(BadRequest()); } _context.Entry(participation).State = EntityState.Modified; try { await _context.SaveChangesAsync(); if (participation.ArtistId == authorizedUser.Value.Id) { Task.Run(() => NotifyHostUpdateAsync(participation.Id)); } else if (participation.Event.HostId == authorizedUser.Value.Id) { Task.Run(() => NotifyArtistUpdateAsync(participation.Id)); } } catch (DbUpdateConcurrencyException) { if (!ParticipationExists(id)) { return(NotFound()); } else { throw; } } return(Ok()); }
public async Task <IActionResult> PutFavorite(int id, Favorite favorite) { var authorizedUser = await Authentication.GetAuthenticatedUserAsync(_context, Request); if (authorizedUser.Result is UnauthorizedResult) { return(Unauthorized()); } if (authorizedUser.Value == null) { return(Unauthorized()); } if (favorite.ArtistId != authorizedUser.Value.Id) { return(Unauthorized()); } if (id != favorite.Id) { return(BadRequest()); } _context.Entry(favorite).State = EntityState.Modified; try { await _context.SaveChangesAsync(); } catch (DbUpdateConcurrencyException) { if (!FavoriteExists(id)) { return(NotFound()); } else { throw; } } return(Ok()); }