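/// <summary>
/// Updates the name and adult-content flag of an existing tag.
/// </summary>
/// <param name="id">Key of the tag to edit; passed to <c>db.Tags.Find</c>.</param>
/// <param name="tag_data">Payload carrying the new <c>Name</c> and <c>isAdultContent</c> values.</param>
/// <returns>
/// 401 when the caller has no user id or the id matches no row in <c>db.Users</c>;
/// 400 when the payload or its <c>Name</c> is null; 404 when no tag has the given key;
/// otherwise 200 with the tag's id, name and isAdultContent.
/// </returns>
public IHttpActionResult Edit(int? id, Tag tag_data)
{
    // Resolve the caller before anything else. The original ran the payload check and
    // the tag lookup first, so an anonymous caller could tell existing tag ids (401)
    // from missing ones (404). Rejecting unauthenticated requests up front closes that.
    var userId = User.Identity.GetUserId();
    ApplicationUser user = userId != null ? db.Users.Find(userId) : null;
    if (user == null)
    {
        return Unauthorized();
    }

    if (tag_data == null || tag_data.Name == null)
    {
        return BadRequest();
    }

    var tag = db.Tags.Find(id);
    if (tag == null)
    {
        return NotFound();
    }

    // Authorization: per the original author's note, every logged-in user may edit any tag.
    // NOTE(review): Post records tag.Owner; if edits are meant to be owner-only, compare
    // tag.Owner with the caller here and refuse otherwise — confirm against the requirements.
    // NOTE(review): Post rejects a duplicate (Name, isAdultContent) pair, but this method
    // does not, so an edit can produce a duplicate — confirm whether that is acceptable.
    tag.Name = tag_data.Name;
    tag.isAdultContent = tag_data.isAdultContent;
    db.SaveChanges();

    return Ok(new
    {
        id = tag.id,
        name = tag.Name,
        isAdultContent = tag.isAdultContent
    });
}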
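/// <summary>
/// Creates a new tag owned by the calling user.
/// </summary>
/// <param name="tag">Tag bound from the request; its <c>Owner</c> is overwritten with the caller.</param>
/// <returns>
/// 401 when the caller has no user id or the id matches no row in <c>db.Users</c>;
/// 400 when model state is invalid, the tag or its <c>Name</c> is null, or a tag with the
/// same <c>Name</c> and <c>isAdultContent</c> already exists; otherwise 201 with the new
/// tag's id, name and isAdultContent.
/// </returns>
public IHttpActionResult Post(Tag tag)
{
    // Resolve the caller before anything else. The original ran the duplicate check first,
    // so an anonymous caller received 400 for an existing (Name, isAdultContent) pair and
    // 401 for a new one, which disclosed which tags exist. The owner requirement is the
    // original author's addition: tags need an Owner so that they can be deleted.
    var userId = User.Identity.GetUserId();
    ApplicationUser user = userId != null ? db.Users.Find(userId) : null;
    if (user == null)
    {
        return Unauthorized();
    }

    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    if (tag == null || tag.Name == null)
    {
        return BadRequest();
    }

    // Reject an exact duplicate of an existing tag (same name and same adult-content flag).
    bool alreadyExists = db.Tags.Any(t => t.Name == tag.Name && t.isAdultContent == tag.isAdultContent);
    if (alreadyExists)
    {
        return BadRequest();
    }

    // The owner always comes from the authenticated caller, never from the request body.
    // NOTE(review): the bound entity is stored as-is, so any other bindable Tag property
    // is client-controlled; if Tag has fields beyond Name and isAdultContent, consider
    // copying only those two into a fresh entity — confirm against the Tag model.
    tag.Owner = user;
    db.Tags.Add(tag);
    db.SaveChanges();

    return CreatedAtRoute(
        "DefaultApi",
        new { controller = "Tags", id = tag.id },
        new { id = tag.id, name = tag.Name, isAdultContent = tag.isAdultContent });
}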