示例#1
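        /// <summary>
        /// Updates the content and scores of an existing idea owned by the calling user.
        /// </summary>
        /// <param name="id">Key of the idea to update, as passed to <c>dbContext.Ideas.FindAsync</c>.</param>
        /// <param name="request">New content and the impact, ease and confidence scores.</param>
        /// <returns>
        /// 401 when the access token is rejected, the <c>user_id</c> claim is missing or not an
        /// integer, or the idea belongs to another user; 400 when validation fails; 404 when no
        /// idea has the given id; otherwise 200 with the updated idea.
        /// </returns>
        public async Task<IActionResult> UpdateIdea(string id, IdeaRequest request)
        {
            // Authenticate requester.
            var jwtToken = Request.Headers["X-Access-Token"];

            // NOTE(review): validatedToken is never read. The caller's identity is taken from
            // HttpContext.User further down, so confirm the authentication pipeline builds that
            // principal from this same token; otherwise the token checked here and the identity
            // acted on can differ.
            if (!tokenHelper.ValidateJwtToken(jwtToken, out SecurityToken validatedToken))
            {
                return Unauthorized();
            }

            // Validate inputs. A missing body or missing content is rejected here instead of
            // surfacing as a NullReferenceException (HTTP 500) on request.Content.Length.
            if (request == null || request.Content == null)
            {
                return BadRequest("Content is required.");
            }
            if (request.Content.Length > 255)
            {
                return BadRequest("Content cannot exceed 255 characters.");
            }

            // The range checks are written as "not inside the range" so that a value that is
            // absent (null, if the property is nullable) fails validation as well; with
            // "< 1 || > 10" such a value passes both comparisons and then fails at the cast.
            if (!(request.Impact >= 1 && request.Impact <= 10))
            {
                return BadRequest("Impact must be between 1 and 10.");
            }
            if (!(request.Ease >= 1 && request.Ease <= 10))
            {
                return BadRequest("Ease must be between 1 and 10.");
            }
            if (!(request.Confidence >= 1 && request.Confidence <= 10))
            {
                return BadRequest("Confidence must be between 1 and 10.");
            }

            // Get the user's ID from the claims. A principal without a usable user_id claim is
            // treated as unauthenticated rather than allowed to throw.
            var userIdClaim = HttpContext.User.Claims.FirstOrDefault(c => c.Type.Equals("user_id"));
            if (userIdClaim == null || !int.TryParse(userIdClaim.Value, out int userId))
            {
                return Unauthorized();
            }

            var idea = await dbContext.Ideas.FindAsync(id);

            // FindAsync returns null for an unknown key.
            // NOTE(review): 404 here and 401 below let a caller tell an unknown id from an idea
            // owned by someone else; if ids are guessable, consider one uniform response.
            if (idea == null)
            {
                return NotFound();
            }

            // Users are only allowed to update their own ideas. This ownership check is the
            // only thing that stops one authenticated user from editing another user's idea.
            if (idea.UserId != userId)
            {
                return Unauthorized();
            }

            // Copy request parameters field by field, so the id, owner and creation time
            // cannot be overwritten from the request.
            idea.Content    = request.Content;
            idea.Impact     = (int)request.Impact;
            idea.Ease       = (int)request.Ease;
            idea.Confidence = (int)request.Confidence;

            // Mark the entity as modified and save.
            dbContext.Entry(idea).State = EntityState.Modified;
            await dbContext.SaveChangesAsync();

            var response = new IdeaResponse(idea.Id, idea.Content, idea.Impact, idea.Ease, idea.Confidence, idea.CreatedAt);

            return Ok(response);
        }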
示例#2
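        /// <summary>
        /// Creates a new idea owned by the calling user.
        /// </summary>
        /// <param name="request">Content and the impact, ease and confidence scores of the new idea.</param>
        /// <returns>
        /// 401 when the access token is rejected or the <c>user_id</c> claim is missing or not an
        /// integer; 400 when validation fails; otherwise a Created result carrying the new idea.
        /// </returns>
        public async Task<ActionResult<Idea>> CreateIdea(IdeaRequest request)
        {
            // Authenticate requester.
            var jwtToken = Request.Headers["X-Access-Token"];

            // NOTE(review): validatedToken is never read. The owner of the new idea is taken from
            // HttpContext.User further down, so confirm the authentication pipeline builds that
            // principal from this same token.
            if (!tokenHelper.ValidateJwtToken(jwtToken, out SecurityToken validatedToken))
            {
                return Unauthorized();
            }

            // Validate inputs. A missing body or missing content is rejected here instead of
            // surfacing as a NullReferenceException (HTTP 500) on request.Content.Length.
            if (request == null || request.Content == null)
            {
                return BadRequest("Content is required.");
            }
            if (request.Content.Length > 255)
            {
                return BadRequest("Content cannot exceed 255 characters.");
            }

            // The range checks are written as "not inside the range" so that a value that is
            // absent (null, if the property is nullable) fails validation as well; with
            // "< 1 || > 10" such a value passes both comparisons and then fails at the cast.
            if (!(request.Impact >= 1 && request.Impact <= 10))
            {
                return BadRequest("Impact must be between 1 and 10.");
            }
            if (!(request.Ease >= 1 && request.Ease <= 10))
            {
                return BadRequest("Ease must be between 1 and 10.");
            }
            if (!(request.Confidence >= 1 && request.Confidence <= 10))
            {
                return BadRequest("Confidence must be between 1 and 10.");
            }

            // Get the user's ID from the claims. A principal without a usable user_id claim is
            // treated as unauthenticated rather than allowed to throw.
            var userIdClaim = HttpContext.User.Claims.FirstOrDefault(c => c.Type.Equals("user_id"));
            if (userIdClaim == null || !int.TryParse(userIdClaim.Value, out int userId))
            {
                return Unauthorized();
            }

            // The owner always comes from the authenticated principal, never from the request
            // body, so a caller cannot create ideas on behalf of another user.
            var idea = new Idea()
            {
                Id         = await GenerateUniqueId(userId),
                UserId     = userId,
                Content    = request.Content,
                Impact     = (int)request.Impact,
                Ease       = (int)request.Ease,
                Confidence = (int)request.Confidence,
                CreatedAt  = DateTimeOffset.UtcNow.ToUnixTimeSeconds() // Unix time, seconds, UTC
            };

            dbContext.Ideas.Add(idea);
            await dbContext.SaveChangesAsync();

            var response = new IdeaResponse(idea.Id, idea.Content, idea.Impact, idea.Ease, idea.Confidence, idea.CreatedAt);

            // NOTE(review): the declared result type is Idea but the body is an IdeaResponse;
            // confirm which one API consumers and generated documentation should see.
            return CreatedAtAction(nameof(GetIdeas), response);
        }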