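/// <summary>
/// Loads one expense report, together with its employee and expenses, and returns it
/// as a DTO if the calling user is the employee the report belongs to.
/// </summary>
/// <param name="id">Identifier of the expense report to load.</param>
/// <returns>A DTO carrying the report id, date and one <c>ExpenseDto</c> per expense.</returns>
/// <exception cref="HttpResponseException">
/// Carries 404 Not Found when no report has this id, and 401 Unauthorized when the
/// caller cannot be identified or is not the owner of the report.
/// </exception>
public ExpenseReportDto GetExpenseReport(int id)
{
    var expenseReport = Uow.ExpenseReports
        .Include(e => e.Employee)
        .Include(r => r.Expenses)
        .GetById(id);

    if (expenseReport == null)
    {
        // NOTE(review): a missing id answers 404 while someone else's report answers 401,
        // so the two responses together reveal which ids exist. Confirm that is acceptable.
        throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.NotFound));
    }

    // Ownership check: the report may only be read by the employee it belongs to.
    // The comparison is ordinal and case-insensitive rather than ToLower()-based, so the
    // outcome does not depend on the server's current culture (e.g. Turkish dotted/dotless i).
    string ownerId = expenseReport.Employee == null ? null : expenseReport.Employee.UserId;
    var callerName = (User != null && User.Identity != null) ? User.Identity.Name : null;

    // Fail closed: an empty caller name or a report without an owner never matches,
    // which also prevents two null values from comparing as equal.
    bool callerOwnsReport =
        !string.IsNullOrEmpty(callerName) &&
        !string.IsNullOrEmpty(ownerId) &&
        string.Equals(ownerId, callerName, StringComparison.OrdinalIgnoreCase);

    if (!callerOwnsReport)
    {
        // Trying to read a record that does not belong to the user.
        // 403 Forbidden would describe an authenticated non-owner more precisely;
        // 401 is kept so existing clients see the same status as before.
        throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.Unauthorized));
    }

    var dto = new ExpenseReportDto
    {
        ExpenseReportId = expenseReport.Id,
        //Name = expenseReport.Name,
        Date = expenseReport.Date,
        // Only the fields listed here leave the server; the entity itself is never returned.
        Expenses = expenseReport.Expenses.Select(e => new ExpenseDto
        {
            ExpenseId = e.Id,
            ExpenseReportId = expenseReport.Id,
            Date = e.Date,
            Description = e.Description,
            CurrencyId = e.CurrencyId,
            TypeId = e.TypeId,
            Amount = e.Amount,
            ExchangeRate = e.ExchangeRate
        }).AsQueryable()
    };

    return dto;
}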
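/// <summary>
/// Stamps the submitted expense report with the server's current time and answers
/// 201 Created with the DTO as the body and a Location header built from the
/// "DefaultApi" route.
/// </summary>
/// <param name="dto">The expense report being submitted.</param>
/// <returns>
/// 201 Created carrying the stamped DTO, or 400 Bad Request when no DTO was supplied.
/// </returns>
public HttpResponseMessage Submit(ExpenseReportDto dto)
{
    // Without this guard a null DTO fails on the assignment below with a
    // NullReferenceException; presumably the DTO is bound from the request body,
    // in which case an empty or unparseable body is a client error, not a server fault.
    if (dto == null)
    {
        return Request.CreateResponse(HttpStatusCode.BadRequest);
    }

    // The server's clock overrides any date sent by the client, so the submission
    // time cannot be chosen by the caller.
    dto.Date = DateTime.Now;

    // NOTE(review): nothing in this method stores the report or checks that the caller
    // owns it. Confirm that persistence and authorization happen elsewhere.
    var response = Request.CreateResponse(HttpStatusCode.Created, dto);

    // NOTE(review): the whole DTO is passed as route values; presumably only the
    // report id is needed to build the link. Verify against the route template.
    response.Headers.Location = new Uri(Url.Link("DefaultApi", dto));

    return response;
}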