public async Task<IActionResult> Create(int id, [FromBody] QuestionDTO questionDto)
{
if (questionDto == null)
{
return BadRequest();
}
if (!ModelState.IsValid)
{
return BadRequest(ModelState);
}
var question = new Question
{
SurveyId = id,
Text = questionDto.Text,
Type = questionDto.Type,
PossibleAnswers = questionDto.PossibleAnswers
};
var survey = await _surveyStore.GetSurveyAsync(question.SurveyId);
if (survey == null)
{
return NotFound();
}
// The AuthorizationService uses the policies in the Tailspin.Surveys.Security project
if (!await _authorizationService.AuthorizeAsync(User, survey, Operations.Update))
{
return new StatusCodeResult(403);
}
await _questionStore.AddQuestionAsync(question);
return CreatedAtRoute("GetQuestion", new { controller = "Question", id = question.Id }, questionDto);
}
public async Task<Question> DeleteQuestionAsync(Question question)
{
_dbContext.Questions.Remove(question);
await _dbContext
.SaveChangesAsync()
.ConfigureAwait(false);
return question;
}
public async Task<Question> UpdateQuestionAsync(Question question)
{
_dbContext.Questions.Attach(question);
_dbContext.Entry(question).State = EntityState.Modified;
await _dbContext
.SaveChangesAsync()
.ConfigureAwait(false);
return question;
}