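/// <summary>
/// Saves an edited movie through the MovieMind API and, when actor ids are posted,
/// replaces the movie's ActorMovies relationships with the submitted set.
/// </summary>
/// <param name="id">Movie identifier taken from the request; it must parse as a <see cref="Guid"/>.</param>
/// <param name="putMovieModel">Posted movie fields, including the optional <c>ActorIds</c> list.</param>
/// <returns>
/// A redirect to <c>/Movies/Details/{id}</c> on success, the edit view again when the id or the
/// model is invalid, or the result of <c>ErrorHelper.HandleError</c> when a
/// <c>MovieMindException</c> is caught.
/// </returns>
[ValidateAntiForgeryToken] // Prevents XSRF/CSRF attacks
public async Task<IActionResult> Edit(string id, PutMovieModel putMovieModel)
{
    try
    {
        // The authorization call runs before any request data is used or any API call is made.
        // NOTE(review): "Editor" looks like the required role and a denied caller is presumably
        // signalled with MovieMindException (the only type caught below) - confirm in AuthorizeHelper.
        AuthorizeHelper.Authorize(this.HttpContext, "Editor", this.GetType().Name, "Edit", "movie");

        // Validate the request-supplied id once, before anything is written. Previously
        // Guid.Parse(id) ran only after the movie had already been updated, so a malformed
        // id surfaced as an uncaught FormatException with the update half applied.
        if (!Guid.TryParse(id, out Guid movieId))
        {
            ModelState.AddModelError(string.Empty, "The movie id is not valid.");
        }

        if (!ModelState.IsValid)
        {
            return View(putMovieModel);
        }

        await _moviemindAPIService.PutModel<PutMovieModel>(id, putMovieModel, "Movies");

        // A null ActorIds leaves existing relationships untouched; an empty list clears them.
        if (putMovieModel.ActorIds != null)
        {
            // Delete (override) previous relationships.
            // NOTE(review): every ActorMovies row is fetched and filtered here, and the
            // delete-then-recreate sequence is not atomic - a failure part-way leaves the
            // movie with an incomplete actor list.
            List<GetActorMovieModel> getActorMovieModels =
                await _moviemindAPIService.GetModels<GetActorMovieModel>("ActorMovies");
            List<GetActorMovieModel> getActorMovieModelsToDelete =
                getActorMovieModels.Where(x => x.MovieId == movieId).ToList();

            foreach (GetActorMovieModel getActorMovieModel in getActorMovieModelsToDelete)
            {
                await _moviemindAPIService.DeleteModel(getActorMovieModel.Id.ToString(), "ActorMovies");
            }

            // Put in new relationships.
            foreach (Guid actorId in putMovieModel.ActorIds)
            {
                await _moviemindAPIService.PostModel<PostActorMovieModel, GetActorMovieModel>(
                    new PostActorMovieModel { ActorId = actorId, MovieId = movieId },
                    "ActorMovies");
            }
        }

        // Build the redirect target from the parsed Guid so the Location header carries only
        // the canonical hex-and-dash form, never raw request text.
        return Redirect("/Movies/Details/" + movieId);
    }
    catch (MovieMindException e)
    {
        return ErrorHelper.HandleError(e, this.View(putMovieModel));
    }
}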
/// <summary>
/// Deletes a user through the MovieMind API after first removing the records that reference
/// the user: their reviews, their favorites, and every follower/following link.
/// </summary>
/// <param name="id">Identifier of the user to delete, as supplied by the request.</param>
/// <param name="getUserModel">Bound model; only used to re-render the view on error.</param>
/// <returns>
/// A redirect to the Users index on success, or the result of <c>ErrorHelper.HandleError</c>
/// when a <c>MovieMindException</c> is caught.
/// </returns>
[ValidateAntiForgeryToken] // Prevents XSRF/CSRF attacks
public async Task<IActionResult> Delete(string id, GetUserModel getUserModel)
{
    try
    {
        // NOTE(review): "Administrator" looks like the required role; a denied caller is
        // presumably reported via MovieMindException - confirm in AuthorizeHelper.
        AuthorizeHelper.Authorize(HttpContext, "Administrator", GetType().Name, "Delete", "user");

        // The record is loaded from the API rather than trusted from the posted model.
        GetUserModel target = await _moviemindAPIService.GetModel<GetUserModel>(id, "users");

        // Reviews come attached to the user record.
        foreach (GetReviewModel review in target.Reviews)
        {
            await _moviemindAPIService.DeleteModel(review.Id.ToString(), "reviews");
        }

        // Favorites: the full list is fetched and narrowed to this user locally.
        List<GetFavoriteModel> allFavorites =
            await _moviemindAPIService.GetModels<GetFavoriteModel>("favorites");
        List<GetFavoriteModel> ownedFavorites =
            allFavorites.Where(f => f.UserId == target.Id).ToList();
        foreach (GetFavoriteModel favorite in ownedFavorites)
        {
            await _moviemindAPIService.DeleteModel(favorite.Id.ToString(), "favorites");
        }

        // Follow links in either direction (user as follower or as the one followed).
        List<GetUserFollowerModel> allFollowLinks =
            await _moviemindAPIService.GetModels<GetUserFollowerModel>("userfollowers");
        List<GetUserFollowerModel> linksForUser =
            allFollowLinks.Where(l => l.FollowerId == target.Id || l.FollowingId == target.Id).ToList();
        foreach (GetUserFollowerModel link in linksForUser)
        {
            await _moviemindAPIService.DeleteModel(link.Id.ToString(), "userfollowers");
        }

        // The user record goes last, once nothing fetched above still points at it.
        // NOTE(review): the cascade is a series of separate API calls; a failure part-way
        // leaves the account present with some of its data already removed.
        await _moviemindAPIService.DeleteModel(id, "users");

        return RedirectToRoute(new { action = "Index", controller = "Users" });
    }
    catch (MovieMindException apiError)
    {
        return ErrorHelper.HandleError(apiError, View(getUserModel));
    }
}
/// <summary>
/// Deletes the review with the given id through the MovieMind API and returns to the
/// Reviews index.
/// </summary>
/// <param name="id">Identifier of the review to delete, as supplied by the request.</param>
/// <param name="getReviewModel">Bound model; only used to re-render the view on error.</param>
/// <returns>
/// A redirect to the Reviews index on success, or the result of
/// <c>ErrorHelper.HandleError</c> when a <c>MovieMindException</c> is caught.
/// </returns>
[ValidateAntiForgeryToken] // Prevents XSRF/CSRF attacks
public async Task<IActionResult> Delete(string id, GetReviewModel getReviewModel)
{
    IActionResult outcome;

    try
    {
        // NOTE(review): the only check visible here is the "Editor" argument passed to
        // AuthorizeHelper; whether the API also restricts which reviews an editor may
        // delete cannot be seen from this method - confirm.
        AuthorizeHelper.Authorize(HttpContext, "Editor", GetType().Name, "Delete", "review");

        await _moviemindAPIService.DeleteModel(id, "reviews");

        outcome = RedirectToRoute(new { action = "Index", controller = "Reviews" });
    }
    catch (MovieMindException apiError)
    {
        outcome = ErrorHelper.HandleError(apiError, View(getReviewModel));
    }

    return outcome;
}