/// <summary>
/// Creates an index card from posted form data, stores it and returns it as JSON.
/// </summary>
/// <param name="indexcard">The index card bound from the form request.</param>
/// <returns>
/// <c>Forbid()</c> when the ownership check on the target index card box fails;
/// otherwise the stored card, after <c>CleanupIndexCardResponse</c>, serialized as JSON.
/// </returns>
public async Task<IActionResult> Index([FromForm] IndexCard indexcard)
{
    // Background on buffered file uploads:
    // https://docs.microsoft.com/en-us/aspnet/core/mvc/models/file-uploads?view=aspnetcore-3.1#upload-small-files-with-buffered-model-binding-to-physical-storage
    //
    // NOTE(review): the entity itself is model-bound from the form, so every bindable
    // property is client-controlled. Confirm that Id and other server-owned fields
    // cannot be overposted, or bind to a dedicated input model instead.
    IIndexCard card = indexcard;

    // Authorization gate: only the owner of the target box may add cards to it.
    if (!IndexCardBox.UserIsOwnerOfIndexCardBox(indexcard.IndexCardBoxId, base.GetCurrentUser(_context), _context))
    {
        return Forbid();
    }

    // Persist the uploaded files.
    // NOTE(review): file name, size and content-type checks are presumably done inside
    // HandleUploadedFiles - verify, since nothing is validated here.
    card = await HandleUploadedFiles(card);

    // Timestamps are always set server-side, in UTC.
    card.Created = DateTime.UtcNow;
    card.Modified = DateTime.UtcNow;

    // Store the card.
    _context.IndexCards.Add((IndexCard)card);
    await _context.SaveChangesAsync();

    // Tidy up the response object before it is serialized.
    card = CleanupIndexCardResponse(card);

    return Json(card);
}
/// <summary>
/// Returns one index card as JSON, provided the current user owns the box it belongs to.
/// </summary>
/// <param name="id">Id of the requested index card.</param>
/// <returns>
/// <c>NotFound()</c> when no card has this id, <c>Forbid()</c> when the ownership
/// check on the card's box fails, otherwise the card as JSON.
/// </returns>
public IActionResult GetSingle(int id)
{
    var card = _context.IndexCards.SingleOrDefault(x => x.Id == id);
    if (card == null)
    {
        // 404: no such card.
        return NotFound();
    }

    // Ownership is decided through the box that contains the card.
    // NOTE(review): 404 for unknown ids versus 403 for foreign ones lets a caller tell
    // which card ids exist; answer both cases alike if ids must not be enumerable.
    bool ownsBox = IndexCardBox.UserIsOwnerOfIndexCardBox(card.IndexCardBoxId, base.GetCurrentUser(_context), _context);
    if (!ownsBox)
    {
        return Forbid();
    }

    return Json(card);
}
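// Example URI for DELETE: todos/1
/// <summary>
/// Deletes an index card box together with its index cards and their uploaded files.
/// </summary>
/// <param name="pId">Id of the index card box to delete.</param>
/// <returns>
/// <c>NotFound()</c> when no box has this id, <c>Forbid()</c> when the ownership check
/// fails, otherwise the deleted box as JSON.
/// </returns>
public async Task<IActionResult> Index(int pId)
{
    // SingleOrDefault rather than Single: Single throws on an unknown id, so the
    // 404 branch below could never be reached and the request ended in an exception.
    var lIndexCardBox = _context.IndexCardBoxes.SingleOrDefault(x => x.Id == pId);
    if (lIndexCardBox == null)
    {
        return NotFound();
    }

    IUser lUser = base.GetCurrentUser(_context);

    // Only the owner of the box may delete it.
    if (!IndexCardBox.UserIsOwnerOfIndexCardBox(pId, lUser, _context))
    {
        return Forbid();
    }

    // Load the cards of this box once; the same list drives file cleanup and deletion.
    var lIndexCards = _context.IndexCards.Where(x => x.IndexCardBoxId == pId).ToList();

    // Remove the dependent uploaded files of every card.
    // NOTE(review): files are deleted before the database commit, so a failed save
    // leaves rows pointing at missing files. Presumably RemoveAllUploadedFiles keeps
    // every path inside WebRootPath - confirm.
    foreach (IIndexCard lIndexCard in lIndexCards)
    {
        IndexCard.RemoveAllUploadedFiles(lIndexCard, _env.WebRootPath);
    }

    // Remove all index cards of the box.
    _context.IndexCards.RemoveRange(lIndexCards);
    await _context.SaveChangesAsync();

    // Remove the box itself.
    // NOTE(review): this is a second, separate save; if it fails the cards are already
    // gone. Consider one save or an explicit transaction.
    _context.IndexCardBoxes.Remove(lIndexCardBox);
    await _context.SaveChangesAsync();

    return Json(lIndexCardBox);
}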
/// <summary> Checks whether the current user owns the box of the given index card. </summary>
/// <remarks> Doetsch, 18.12.19. </remarks>
/// <param name="pIndexCard"> The index card; only its Id is used for the lookup. </param>
/// <returns>
/// False when no stored card has this id; otherwise the result of
/// <c>IndexCardBox.UserIsOwnerOfIndexCardBox</c> for the stored card's box.
/// </returns>
private bool UserIsOwnerOfIndexCard(IIndexCard pIndexCard)
{
    // The box id comes from the stored card, not from the instance passed in.
    var storedCard = _context.IndexCards.SingleOrDefault(x => x.Id == pIndexCard.Id);
    if (storedCard == null)
    {
        return false;
    }

    // Ownership is resolved through the index card box.
    var currentUser = base.GetCurrentUser(_context);
    bool isOwner = IndexCardBox.UserIsOwnerOfIndexCardBox(storedCard.IndexCardBoxId, currentUser, _context);

    // Detach the looked-up entity from the context again.
    _context.Entry(storedCard).State = EntityState.Detached;

    return isOwner;
}
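/// <summary>
/// Updates an existing index card box with the posted values.
/// </summary>
/// <param name="id">Id of the box taken from the route.</param>
/// <param name="indexcardbox">The box bound from the request.</param>
/// <returns>
/// <c>BadRequest()</c> when no box was bound or its Id differs from <paramref name="id"/>,
/// <c>Forbid()</c> when the ownership check fails, otherwise the box as JSON.
/// </returns>
public async Task<IActionResult> Index(int id, IndexCardBox indexcardbox)
{
    var lIndexCardBox = indexcardbox;

    // Reject a missing body as well as a route/body id mismatch.
    if (lIndexCardBox == null || id != lIndexCardBox.Id)
    {
        return BadRequest();
    }

    // Only the owner of the box may change it.
    if (!IndexCardBox.UserIsOwnerOfIndexCardBox(id, base.GetCurrentUser(_context), _context))
    {
        return Forbid();
    }

    // The modification time is always set server-side, in UTC.
    lIndexCardBox.Modified = DateTime.UtcNow;

    // State = Modified marks every column of the client-supplied entity for writing.
    // UserId and Created are server-owned: leaving them marked would let the caller
    // reassign the owner or overwrite the creation date, so exclude them from the UPDATE.
    var lEntry = _context.Entry(lIndexCardBox);
    lEntry.State = EntityState.Modified;
    lEntry.Property(x => x.UserId).IsModified = false;
    lEntry.Property(x => x.Created).IsModified = false;

    await _context.SaveChangesAsync();

    // NOTE(review): the response echoes the bound object, so UserId/Created shown here
    // are the posted values, not necessarily the stored ones.
    return Json(lIndexCardBox);
}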
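/// <summary>
/// Creates a new index card box owned by the current user.
/// </summary>
/// <param name="indexCardBox">The box bound from the request.</param>
/// <returns>
/// <c>BadRequest()</c> when no box was bound, <c>Unauthorized()</c> when no current user
/// is resolved, otherwise the stored box as JSON.
/// </returns>
public async Task<IActionResult> Index(IndexCardBox indexCardBox)
{
    var lIndexCardBox = indexCardBox;
    if (lIndexCardBox == null)
    {
        return BadRequest();
    }

    // ToDo: Validate data
    // NOTE(review): the entity is model-bound from the request; a posted Id or other
    // server-owned field is not reset here - confirm it cannot be overposted.

    // Without a resolved user there is no owner to assign; previously this dereferenced null.
    IUser lUser = base.GetCurrentUser(_context);
    if (lUser == null)
    {
        return Unauthorized();
    }

    // The owner is always the current user, never a posted value.
    lIndexCardBox.UserId = lUser.Id;

    // One timestamp for both fields so Created and Modified match on a new box.
    var lNow = DateTime.UtcNow;
    lIndexCardBox.Created = lNow;
    lIndexCardBox.Modified = lNow;

    // Save in database.
    _context.IndexCardBoxes.Add(lIndexCardBox);
    await _context.SaveChangesAsync();

    return Json(lIndexCardBox);
}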