public IHttpActionResult Delete([FromBody] MultiplePhotoSaveViewModel model)
{
var userId = Request.GetUserId();
if (userId < 0)
{
return(Unauthorized());
}
if (model == null)
{
return(BadRequest("Model cannot be null"));
}
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
foreach (var photoId in model.PhotoIds)
{
if (!_authManager.HasAccess <Photo>(userId, photoId, Operation.Delete))
{
continue;
}
_photoManager.Delete(photoId);
}
return(Ok());
}
public IHttpActionResult SaveAll([FromBody] MultiplePhotoSaveViewModel model)
{
var userId = Request.GetUserId();
if (userId < 0)
{
return(Unauthorized());
}
if (model == null)
{
return(BadRequest("Model cannot be null"));
}
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
foreach (var photoId in model.PhotoIds)
{
var photo = _photoManager.GetById(photoId);
if (photo == null)
{
continue;
}
if (!_authManager.HasAccess(userId, photo, Operation.Update))
{
continue;
}
photo.AlbumId = model.AlbumId;
photo.Privacy = model.Privacy;
_photoManager.Update(photo);
}
return(Ok());
}
