示例#1
0
        public async Task <ActionResult <UserBoardDTO> > Post(UserBoardDTO board)
        {
            var other = await _context.Boards.FindAsync(board.BoardId);

            if (other != null)
            {
                var err = new ValidationErrors().Add("This Id already in use", nameof(board.BoardId));
                return(BadRequest(err));
            }
            var currentUser = await _context.Users.SingleOrDefaultAsync(u => u.Pseudo == User.Identity.Name);

            if (currentUser.UserId != board.AuthorId)
            {
                return(Unauthorized("Vous n'êtes pas autorisé à effectuer cette action"));
            }

            var newBoard = new Board()
            {
                Title       = board.Title,
                PicturePath = board.PicturePath,
                AuthorId    = board.AuthorId
            };

            _context.Boards.Add(newBoard);

            var res = await _context.SaveChangesAsyncWithValidation();

            if (!res.IsEmpty)
            {
                return(BadRequest(res));
            }

            //permet de renvoyer un réponse ayant un statut HTTP 201 - Created
            return(CreatedAtAction(nameof(Get), new { id = newBoard.BoardId }, newBoard.ToDTOU()));
        }
示例#2
0
        public async Task <IActionResult> Put(int id, UserBoardDTO boardDTO)
        {
            var Author = await _context.Users.FindAsync(boardDTO.AuthorId);

            if (User.Identity.Name != Author.Pseudo && !User.IsInRole(Role.Admin.ToString()))
            {
                return(BadRequest("Vous n'avez pas les droits pour effectuer cette action"));
            }

            if (id != boardDTO.BoardId)
            {
                return(BadRequest("mauvaise requetes des id"));
            }

            var board = await _context.Boards.FindAsync(id);

            if (board == null)
            {
                return(NotFound());
            }
            board.Title       = boardDTO.Title;
            board.PicturePath = boardDTO.PicturePath;

            var res = await _context.SaveChangesAsyncWithValidation();

            if (!res.IsEmpty)
            {
                return(BadRequest(res));
            }

            return(NoContent());
        }