public async Task <ActionResult> Create([Bind("Name")] ApiCharacter character) { if (!ModelState.IsValid) { return(View(character)); } HttpRequestMessage request = CreateRequestToService(HttpMethod.Post, Configuration["ServiceEndpoints:Character"], character); HttpResponseMessage response; try { response = await HttpClient.SendAsync(request); } catch (HttpRequestException) { ModelState.AddModelError("", "Unexpected server error"); return(View(character)); } if (!response.IsSuccessStatusCode) { if (response.StatusCode == HttpStatusCode.Unauthorized) { return(RedirectToAction("Login", "Account")); } ModelState.AddModelError("", "Unexpected server error"); return(View(character)); } return(RedirectToAction(nameof(Index))); }
// GET: Character/Details/5 public async Task <ActionResult> Details(int id) { HttpRequestMessage request = CreateRequestToService(HttpMethod.Get, $"{Configuration["ServiceEndpoints:Character"]}/{id}"); HttpResponseMessage response; try { response = await HttpClient.SendAsync(request); } catch (HttpRequestException) { return(View("Error", new ErrorViewModel())); } if (!response.IsSuccessStatusCode) { if (response.StatusCode == HttpStatusCode.Unauthorized) { return(RedirectToAction("Login", "Account")); } return(View("Error", new ErrorViewModel())); } var jsonString = await response.Content.ReadAsStringAsync(); ApiCharacter character = JsonConvert.DeserializeObject <ApiCharacter>(jsonString); return(View(character)); }
public async Task <IActionResult> Post([FromBody, Bind("Name")] ApiCharacter apiCharacter) { // there was some "overposting" vulnerability here... i do not want client to be able // to set the ID. either i can make sure to ignore that value if he sends it // or i can explicitly not bind it. Character character = _mapper.Map(apiCharacter); Character newCharacter = await _characterRepository.AddAsync(character); ApiCharacter newApiCharacter = _mapper.Map(newCharacter); return(CreatedAtAction(nameof(GetById), new { id = newApiCharacter.Id }, newApiCharacter)); }
public async Task <IActionResult> Put(int id, [FromBody, Bind("Name")] ApiCharacter apiCharacter) { // implementation choice, whether PUT on nonexistent resource is // successful or error. if (await _characterRepository.GetByIdAsync(id) is null) { return(NotFound()); } Character character = _mapper.Map(apiCharacter); character.Id = id; await _characterRepository.UpdateAsync(character); return(NoContent()); // 204 }
public async Task <ActionResult> Delete(int id, ApiCharacter character) { if (!(Account?.Roles?.Contains("admin") ?? false)) { // access denied return(View("Error", new ErrorViewModel())); } if (!ModelState.IsValid) { return(View(character)); } HttpRequestMessage request = CreateRequestToService(HttpMethod.Delete, $"{Configuration["ServiceEndpoints:Character"]}/{id}"); HttpResponseMessage response; try { response = await HttpClient.SendAsync(request); } catch (HttpRequestException) { ModelState.AddModelError("", "Unexpected server error"); return(View(character)); } if (!response.IsSuccessStatusCode) { switch (response.StatusCode) { case HttpStatusCode.Unauthorized: return(RedirectToAction("Login", "Account")); case HttpStatusCode.NotFound: return(View("Error", new ErrorViewModel())); default: ModelState.AddModelError("", "Unexpected server error"); return(View()); } } return(RedirectToAction(nameof(Index))); }