// POST: api/BookApi/Create
// NOTE(review): no [HttpPost], [Authorize] or [ValidateAntiForgeryToken] attribute is visible
// on this action. Confirm that the verb restriction, authentication and CSRF protection are
// applied at class or route level, since this action writes to the database.
/// <summary>
/// Stores a new book built from the posted Title, Author and Description values.
/// </summary>
/// <param name="bookApi">
/// Posted book data. The Bind include list limits model binding to Title, Author and
/// Description, so other posted fields are not bound onto the model.
/// </param>
/// <returns>
/// 400 Bad Request when <paramref name="bookApi"/> is null or the caller has no user id,
/// 409 Conflict when model validation fails, otherwise 200 OK after the book is saved.
/// </returns>
public HttpStatusCodeResult Create([Bind(Include = "Title,Author,Description")] BookApi bookApi)
{
    // Reject the request unless there is both a payload and an identified caller.
    bool hasPayloadAndCaller = bookApi != null && User.Identity.GetUserId() != null;
    if (!hasPayloadAndCaller)
    {
        return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
    }

    // Validation failures are reported as 409 Conflict by this API.
    if (!ModelState.IsValid)
    {
        return new HttpStatusCodeResult(HttpStatusCode.Conflict);
    }

    Book created = new Book();

    // NOTE(review): the caller's user record is loaded but never attached to the book.
    // The original assignment (book.User = user) is disabled, so the saved row carries no
    // owner reference from this method. Any later ownership check on edit has nothing to
    // compare against until this link is restored.
    User currentUser = db.Users.Find(User.Identity.GetUserId());

    // Copy only the three bound fields from the request model.
    created.Title = bookApi.Title;
    created.Author = bookApi.Author;
    created.Description = bookApi.Description;

    db.Books.Add(created);
    db.SaveChanges();

    return new HttpStatusCodeResult(HttpStatusCode.OK);
}
// POST: api/BookApi/Edit/2
// NOTE(review): no [HttpPost], [Authorize] or [ValidateAntiForgeryToken] attribute is visible
// on this action. Confirm that the verb restriction, authentication and CSRF protection are
// applied at class or route level, since this action writes to the database.
/// <summary>
/// Overwrites the Title, Author and Description of the book with the given id.
/// </summary>
/// <param name="id">Primary key of the book to update.</param>
/// <param name="bookApi">
/// Posted book data. The Bind include list limits model binding to Title, Author and
/// Description.
/// </param>
/// <returns>
/// 400 Bad Request when <paramref name="id"/> or <paramref name="bookApi"/> is null or the
/// caller has no user id, 404 Not Found when no book has that id, 409 Conflict when model
/// validation fails, otherwise 200 OK after the change is saved.
/// </returns>
public HttpStatusCodeResult Edit(int? id, [Bind(Include = "Title,Author,Description")] BookApi bookApi)
{
    // All three inputs are required: a target id, a payload and an identified caller.
    bool requestUsable = id != null && bookApi != null && User.Identity.GetUserId() != null;
    if (!requestUsable)
    {
        return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
    }

    Book target = db.Books.Find(id);
    if (target == null)
    {
        return new HttpStatusCodeResult(HttpStatusCode.NotFound);
    }

    // NOTE(review): there is no ownership check here. Any caller with a non-null user id
    // can overwrite any book by supplying its id. The original check is disabled, and it
    // compared book.User.Id with id.ToString(), which is the book's id rather than the
    // caller's user id, so re-enabling it verbatim would not enforce ownership. A working
    // check needs the book-to-user link to be populated when the book is created, then a
    // comparison against User.Identity.GetUserId() before any field is modified.

    // Validation failures are reported as 409 Conflict by this API.
    if (!ModelState.IsValid)
    {
        return new HttpStatusCodeResult(HttpStatusCode.Conflict);
    }

    // Copy only the three bound fields onto the stored entity.
    target.Title = bookApi.Title;
    target.Author = bookApi.Author;
    target.Description = bookApi.Description;

    db.Entry(target).State = EntityState.Modified;
    db.SaveChanges();

    return new HttpStatusCodeResult(HttpStatusCode.OK);
}