public UserPhotoAlbumsModel GetAlbums(UserModelBase model)
{
var currentUser = this.GetUser(model.Id);
var photoModel = Mapper.Map<UserPhotoAlbumsModel>(currentUser);
this.SetAccessLevel(photoModel);
return photoModel;
}
public UserModelBase Update(UserModelBase model)
{
//Only allowed to update name and email so only pay attention to those fields.
var currentUser = this.GetUser(model.Id);
currentUser.Email = model.Email;
currentUser.Name = model.Name;
var entity = Mapper.Map<UserEntity>(currentUser);
this.SetAccessLevel(model);
this.mUserRepository.Update(entity);
return model;
}
public ActionResult Albums(UserModelBase model, int start = 0)
{
var user = this.mSessionService.GetSession();
if (user.LoginStatus != Models.Enums.LoginStatus.LoggedIn || user.AccessLevel == Models.Enums.AccessLevel.NoAccess)
{
this.HttpContext.Response.StatusCode = 401;
return Json(new { }, JsonRequestBehavior.AllowGet);
}
var albums = this.mUserService.GetAlbums(model);
return Json(albums.PhotoAlbums, JsonRequestBehavior.AllowGet);
}
public ActionResult Update(UserModelBase model)
{
var user = this.mSessionService.GetSession();
if (user.LoginStatus != Models.Enums.LoginStatus.LoggedIn || user.AccessLevel == Models.Enums.AccessLevel.NoAccess)
{
this.HttpContext.Response.StatusCode = 401;
return Json(new { }, JsonRequestBehavior.AllowGet);
}
else
{
model = this.mUserService.Update(model);
}
return Json(model, JsonRequestBehavior.AllowGet);
}
public ActionResult Info(Guid id)
{
var user = this.mSessionService.GetSession();
UserModelBase model = new UserModelBase();
if (user.LoginStatus != Models.Enums.LoginStatus.LoggedIn || user.AccessLevel == Models.Enums.AccessLevel.NoAccess)
{
this.HttpContext.Response.StatusCode = 401;
return Json(new {}, JsonRequestBehavior.AllowGet);
}
else
{
Mapper.Map(this.mUserService.GetUser(id), model);
}
return Json(model, JsonRequestBehavior.AllowGet);
}
public void SetAccessLevel(UserModelBase model)
{
var rights = this.mUserRepository.GetRights(model.Username);
string currentUser = this.mSessionRepository.GetCurrentUsername();
if (rights.Contains("Administrator"))
{
if (currentUser == model.Username)
{
model.AccessLevel = AccessLevel.AdminAndOwner;
}
else
{
model.AccessLevel = AccessLevel.Admin;
}
}
else if (currentUser == model.Username)
{
model.AccessLevel = AccessLevel.Owner;
}
else
{
model.AccessLevel = AccessLevel.NoAccess;
}
}
