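public ActionResult<HealthcareProviderAccountResponse> Update(int id, HealthcareProviderUpdateRequest model)
        {
            // Updates the account identified by `id` with the fields in `model`
            // and returns the updated account wrapped in a 200 response.
            //
            // Authorization: a caller may update their own account; an admin may
            // update any account. Without this check any authenticated caller
            // could modify another account simply by changing `id` in the
            // request (insecure direct object reference).
            //
            // The condition must use &&: reject only when the caller is neither
            // the owner nor an admin. The previously disabled version used ||,
            // which rejects every non-admin, including on their own account.
            //
            // NOTE(review): assumes `Account` is the authenticated caller's record
            // and exposes `Id`; the disabled check read `HealthcareProvider.Id`
            // instead - confirm which member the base controller provides.
            if (id != Account.Id && Account.Role != Role.Admin)
            {
                return Unauthorized(new { message = "Unauthorized" });
            }

            // Only admins can change a role. Clearing the field stops a non-admin
            // from escalating privileges through the request body.
            // NOTE(review): this relies on the service's mapping skipping null
            // values - verify against the mapping profile.
            if (Account.Role != Role.Admin)
            {
                model.Role = null;
            }

            var account = _accountService.Update(id, model);

            return Ok(account);
        }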
Пример #2
        public HealthcareProviderAccountResponse Update(int id, HealthcareProviderUpdateRequest model)
        {
            // Applies the requested changes to the stored account `id`, persists
            // them and returns the response projection of the saved record.
            //
            // This method performs no authorization of its own: whoever calls it
            // must already have decided that the caller may modify account `id`.
            var existing = getAccount(id);
            var requestedEmail = model.Email;
            var newPassword = model.Password;

            // Reject a change of address that collides with another stored record.
            // The lookup is skipped when the address is unchanged.
            bool emailChanged = existing.Email != requestedEmail;
            if (emailChanged && _context.HealthcareProviders.Any(p => p.Email == requestedEmail))
            {
                throw new AppException($"Email '{model.Email}' is already taken");
            }

            // Store only a hash of a newly supplied password, never the plaintext.
            // An empty or missing password leaves the stored hash untouched.
            // NOTE(review): `BC` is presumably an alias for a bcrypt library - confirm.
            if (string.IsNullOrEmpty(newPassword) == false)
            {
                existing.PasswordHash = BC.HashPassword(newPassword);
            }

            // Copy the request fields onto the entity. The mapping configuration
            // (not visible here) decides which request fields can overwrite entity
            // state, so it is the place to confirm that sensitive fields such as
            // the role are only written when intended.
            _mapper.Map(model, existing);
            existing.Updated = DateTime.UtcNow;

            _context.HealthcareProviders.Update(existing);
            _context.SaveChanges();

            var response = _mapper.Map<HealthcareProviderAccountResponse>(existing);
            return response;
        }