public void Execute(EditAdDto request)
{
var user = _userManager.FindByIdAsync(request.UserId).Result;
var role = _userManager.IsInRoleAsync(user, "Admin").Result;
var adExist = Context.Ads.SingleOrDefault(x => x.Id == request.Id);
if (!role && request.UserId != adExist.UserId)
{
throw new UnauthorizedAccessException();
}
if (adExist.Id <= 0)
{
throw new EntityNotFoundException("Ad");
}
if (!string.IsNullOrEmpty(request.Subject))
{
adExist.Subject = request.Subject;
}
if (!string.IsNullOrEmpty(request.Description))
{
adExist.Description = request.Description;
}
adExist.AddedDateTime = DateTime.Now;
Context.SaveChanges();
}
public IActionResult Put(int id, [FromBody] EditAdDto request)
{
request.Id = id;
try
{
_editAdCommand.Execute(request);
return(Ok());
}
catch (Exception ex)
{
return(StatusCode(500, ex.Message));
}
}
public void Execute(EditAdDto request)
{
var ad = _context.Ads.SingleOrDefault(w => w.Id == request.Id);
var user = _userManager.FindByIdAsync(request.UserId).Result;
var role = _userManager.IsInRoleAsync(user, "Admin").Result;
if (ad == null)
{
throw new EntityNotFoundException("Ad");
}
if (ad.UserId != request.UserId && !role)
{
throw new ApplicationException("Zabranjen pristup");
}
ad.AddedDateTime = DateTime.Now;
ad.Subject = request.Subject;
ad.Description = request.Description;
_context.SaveChanges();
}
