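/// <summary>
/// Updates the content and scores of an existing idea, provided the idea
/// belongs to the requesting user.
/// </summary>
/// <param name="id">Key of the idea, passed to <c>dbContext.Ideas.FindAsync</c>.</param>
/// <param name="request">New content (at most 255 characters) and the impact, ease and confidence scores (each 1 to 10).</param>
/// <returns>
/// 200 with an <c>IdeaResponse</c> on success; 400 when a field fails validation;
/// 401 when the token is rejected, the user id claim is missing or malformed, or the
/// idea belongs to another user; 404 when no idea has the given id.
/// </returns>
public async Task<IActionResult> UpdateIdea(string id, IdeaRequest request) {
    // Authenticate requester: the token is taken from the X-Access-Token header.
    var jwtToken = Request.Headers["X-Access-Token"];
    if (!tokenHelper.ValidateJwtToken(jwtToken, out SecurityToken validatedToken)) {
        return Unauthorized();
    }

    // Validate inputs. A missing body or missing content is rejected here instead of
    // surfacing later as a NullReferenceException (HTTP 500).
    if (request == null || request.Content == null) {
        return BadRequest("Content is required.");
    }
    if (request.Content.Length > 255) {
        return BadRequest("Content cannot exceed 255 characters.");
    }
    // NOTE(review): the casts further down suggest the score fields are not plain int.
    // If they are nullable, a null value passes these range checks and the cast throws;
    // confirm against the IdeaRequest definition.
    if (request.Impact < 1 || request.Impact > 10) {
        return BadRequest("Impact must be between 1 and 10.");
    }
    if (request.Ease < 1 || request.Ease > 10) {
        return BadRequest("Ease must be between 1 and 10.");
    }
    if (request.Confidence < 1 || request.Confidence > 10) {
        return BadRequest("Confidence must be between 1 and 10.");
    }

    // Get the user's ID from the claims.
    // NOTE(review): the token validated above is not the source of this claim; the id is
    // read from HttpContext.User. Confirm that HttpContext.User is populated from the same
    // token, otherwise the ownership check below is made against a different identity.
    var userIdClaim = HttpContext.User.Claims.FirstOrDefault(c => c.Type.Equals("user_id"));
    if (userIdClaim == null || !int.TryParse(userIdClaim.Value, out int userId)) {
        return Unauthorized();
    }

    var idea = await dbContext.Ideas.FindAsync(id);
    if (idea == null) {
        return NotFound();
    }

    // Users are only allowed to update their own ideas.
    // NOTE(review): 401 is kept for compatibility with existing clients. Together with the
    // 404 above, the status code tells a caller whether an id exists; consider returning
    // the same status for both cases.
    if (idea.UserId != userId) {
        return Unauthorized();
    }

    // Copy request parameters.
    idea.Content = request.Content;
    idea.Impact = (int)request.Impact;
    idea.Ease = (int)request.Ease;
    idea.Confidence = (int)request.Confidence;

    // Mark the entity as modified and save.
    dbContext.Entry(idea).State = EntityState.Modified;
    await dbContext.SaveChangesAsync();

    var response = new IdeaResponse(idea.Id, idea.Content, idea.Impact, idea.Ease, idea.Confidence, idea.CreatedAt);
    return Ok(response);
}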
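/// <summary>
/// Creates a new idea owned by the requesting user.
/// </summary>
/// <param name="request">Content (at most 255 characters) and the impact, ease and confidence scores (each 1 to 10).</param>
/// <returns>
/// 201 with an <c>IdeaResponse</c> on success; 400 when a field fails validation;
/// 401 when the token is rejected or the user id claim is missing or malformed.
/// </returns>
public async Task<ActionResult<Idea>> CreateIdea(IdeaRequest request) {
    // Authenticate requester: the token is taken from the X-Access-Token header.
    var jwtToken = Request.Headers["X-Access-Token"];
    if (!tokenHelper.ValidateJwtToken(jwtToken, out SecurityToken validatedToken)) {
        return Unauthorized();
    }

    // Validate inputs. A missing body or missing content is rejected here instead of
    // surfacing later as a NullReferenceException (HTTP 500).
    if (request == null || request.Content == null) {
        return BadRequest("Content is required.");
    }
    if (request.Content.Length > 255) {
        return BadRequest("Content cannot exceed 255 characters.");
    }
    // NOTE(review): the casts further down suggest the score fields are not plain int.
    // If they are nullable, a null value passes these range checks and the cast throws;
    // confirm against the IdeaRequest definition.
    if (request.Impact < 1 || request.Impact > 10) {
        return BadRequest("Impact must be between 1 and 10.");
    }
    if (request.Ease < 1 || request.Ease > 10) {
        return BadRequest("Ease must be between 1 and 10.");
    }
    if (request.Confidence < 1 || request.Confidence > 10) {
        return BadRequest("Confidence must be between 1 and 10.");
    }

    // Get the user's ID from the claims.
    // NOTE(review): the token validated above is not the source of this claim; the id is
    // read from HttpContext.User. Confirm that HttpContext.User is populated from the same
    // token, otherwise the new idea is attributed to a different identity.
    var userIdClaim = HttpContext.User.Claims.FirstOrDefault(c => c.Type.Equals("user_id"));
    if (userIdClaim == null || !int.TryParse(userIdClaim.Value, out int userId)) {
        return Unauthorized();
    }

    // The owner is always the authenticated user; the request body cannot set it.
    var idea = new Idea() {
        Id = await GenerateUniqueId(userId),
        UserId = userId,
        Content = request.Content,
        Impact = (int)request.Impact,
        Ease = (int)request.Ease,
        Confidence = (int)request.Confidence,
        CreatedAt = DateTimeOffset.UtcNow.ToUnixTimeSeconds()
    };

    dbContext.Ideas.Add(idea);
    await dbContext.SaveChangesAsync();

    var response = new IdeaResponse(idea.Id, idea.Content, idea.Impact, idea.Ease, idea.Confidence, idea.CreatedAt);
    return CreatedAtAction(nameof(GetIdeas), response);
}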