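/// <summary>
/// Creates a new tile for the calling user from the submitted payload.
/// </summary>
/// <param name="payload">Client-supplied tile fields: title, description, link and tags.</param>
/// <returns>
/// 200 with the stored tile; 400 when no payload was bound; 409 when the save fails and a
/// tile with the generated Guid already exists. Any other <c>DbUpdateException</c> is rethrown.
/// </returns>
public async Task<ActionResult<UserTiles>> PostUserTiles(UserTileHttp payload)
{
    // A missing or unparsable body would otherwise surface as a NullReferenceException below.
    if (payload == null)
    {
        return BadRequest();
    }

    // Only the four content fields are taken from the request. The key and the owner are
    // assigned here, so a client cannot choose the Guid or create a tile under another name.
    // NOTE(review): if GetUsername() can return null (e.g. an unauthenticated request), the
    // tile is stored without an owner - confirm this action requires authentication.
    var tile = new UserTiles
    {
        Titel = payload.Titel,
        Description = payload.Description,
        Link = payload.Link,
        Tags = payload.Tags,
        Guid = Guid.NewGuid(),
        Username = GetUsername()
    };

    _context.UserTiles.Add(tile);

    try
    {
        await _context.SaveChangesAsync();
    }
    catch (DbUpdateException)
    {
        // Report a key collision as a conflict; anything else is an unexpected failure.
        if (UserTilesExists(tile.Guid))
        {
            return Conflict();
        }

        throw;
    }

    return Ok(tile);
}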
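/// <summary>
/// Ownership check: returns true only when the current user's name matches the tile's owner.
/// </summary>
/// <param name="userTile">The stored tile whose owner is compared; may be null.</param>
/// <returns>
/// <c>true</c> when both names are present and equal; <c>false</c> otherwise, including when
/// either side is null.
/// </returns>
private bool IsUserAllowed(UserTiles userTile)
{
    var currentUser = GetUsername();

    // Fail closed: a plain equality test treats null == null as a match, which would grant
    // access to a tile without an owner (or a null tile) whenever no current user name is
    // available.
    if (currentUser == null || userTile == null || userTile.Username == null)
    {
        return false;
    }

    return currentUser == userTile.Username;
}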
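/// <summary>
/// Replaces the stored tile identified by <paramref name="id"/> with the submitted entity,
/// provided the calling user owns the stored tile.
/// </summary>
/// <param name="id">Key of the tile to update; must equal <c>payload.Guid</c>.</param>
/// <param name="payload">Client-supplied replacement entity.</param>
/// <returns>
/// 204 on success; 400 when no payload was bound or the ids differ; 404 when the tile does not
/// exist (before or during the save); 403 when the caller is not the owner.
/// </returns>
public async Task<IActionResult> PutUserTiles(Guid id, UserTiles payload)
{
    // A missing or unparsable body would otherwise throw on payload.Guid below.
    if (payload == null)
    {
        return BadRequest();
    }

    if (id != payload.Guid)
    {
        return BadRequest();
    }

    // Authorization is decided on the stored row, never on the client-supplied copy.
    var userTile = await _context.UserTiles.FindAsync(id);
    if (userTile == null)
    {
        return NotFound();
    }

    if (!IsUserAllowed(userTile))
    {
        return Forbid();
    }

    // Reset the username so the owner cannot be changed through the request body.
    payload.Username = GetUsername();

    // Detach the instance loaded for the ownership check so that payload can be tracked
    // under the same key.
    _context.Entry(userTile).State = EntityState.Detached;

    // Mark the client-supplied entity as modified.
    // NOTE(review): the payload is bound directly to the entity and only Username is reset
    // here, so any other server-managed column on UserTiles would be overwritten from the
    // request. If such columns exist, copy just the editable fields onto the tracked
    // entity instead - confirm against the entity definition.
    _context.Entry(payload).State = EntityState.Modified;

    try
    {
        await _context.SaveChangesAsync();
    }
    catch (DbUpdateConcurrencyException)
    {
        // The row disappeared between the lookup and the save.
        if (!UserTilesExists(id))
        {
            return NotFound();
        }

        throw;
    }

    return NoContent();
}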