/// <summary>
/// Looks up a receipt by its identifier and returns it wrapped in an OK result,
/// or a NotFound result when the repository returns null.
/// </summary>
/// <param name="id">Identifier of the receipt to fetch.</param>
/// <returns>
/// OK with the built response, NotFound when no receipt exists, or the generic
/// user-friendly error when anything inside the try block throws.
/// </returns>
/// <remarks>
/// This method performs no ownership or role check of its own. Access control has
/// to come from a filter or attribute applied elsewhere (not visible here); without
/// one, a receipt is returned for any id regardless of who owns it.
/// </remarks>
public IActionResult GetByID(int id)
        {
            try
            {
                var found = _repo.Get(id);

                // Guard clause: a missing receipt is reported as NotFound.
                if (found == null)
                {
                    return NotFound();
                }

                return Ok(BuildResponse(found));
            }
            catch
            {
                // Every failure (repository fault, response-building error) is collapsed
                // into one generic error, so no exception detail reaches the client.
                // NOTE(review): nothing is logged here, so failures are also invisible
                // to operators; consider recording the exception before returning.
                return ReturnUserFriendlyError(Errors.Unknown);
            }
        }
        /// <summary>
        /// Action filter hook that allows the action to run only when the current user
        /// owns the receipt named by the "id" action argument or is an administrator.
        /// </summary>
        /// <param name="context">Filter context carrying the HTTP context and the bound action arguments.</param>
        /// <remarks>
        /// The check fails closed: any exception inside the try block short-circuits the
        /// request with an unauthorized result. That covers a missing "id" argument
        /// (the null value cannot be unboxed to int), a receipt the repository does not
        /// return, and a null user.
        /// The argument lookup compares the key with "id" case-sensitively, so an action
        /// whose parameter is spelled differently (for example "Id") is always denied.
        /// The user lookup happens before the try block, so an exception from it
        /// propagates instead of producing the unauthorized result.
        /// NOTE(review): an authenticated non-owner receives the same 401-style result as
        /// every other failure; confirm that 401 rather than 403 is the intended contract.
        /// NOTE(review): repository faults are also reported as unauthorized and are not
        /// logged, which hides outages from operators.
        /// </remarks>
        public void OnActionExecuting(ActionExecutingContext context)
        {
            var user = _helper.GetCurrentUser(context.HttpContext);

            try
            {
                // Default KeyValuePair (null Value) when no "id" argument was bound;
                // the unboxing cast below then throws and the catch denies the request.
                var idArgument = context.ActionArguments.SingleOrDefault(p => p.Key == "id");
                int idToModify = (int)idArgument.Value;

                var receipt = _repo.Get(idToModify);
                int ownerId = receipt.User.ID;

                // Owners and administrators may proceed; everyone else is rejected.
                bool notOwner = user.ID != ownerId;
                if (notOwner && !user.IsAdmin)
                {
                    context.Result = new UnauthorizedObjectResult(null);
                }
            }
            catch
            {
                // Deny by default whenever ownership could not be established.
                context.Result = new UnauthorizedObjectResult(null);
            }
        }
 /// <summary>
 /// Returns the receipt view model that the repository yields for <paramref name="Id"/>.
 /// </summary>
 /// <param name="Id">Identifier of the receipt to fetch.</param>
 /// <returns>Whatever the repository's Get call returns for the identifier, unmodified.</returns>
 /// <remarks>
 /// This is a direct pass-through: no ownership, role or existence check is made here.
 /// NOTE(review): confirm that callers authorize the request against the receipt's
 /// owner before exposing the result, and that they handle the not-found case.
 /// </remarks>
 public ReceiptVM GetById(int Id) => _receiptRepository.Get(Id);