Ejemplo n.º 1
0
        public async Task <TalkSubmission> Submit(TalkSubmission talk)
        {
            var mostRecentEvent = await DbSession
                                  .Query <Event>()
                                  .OrderByDescending(e => e.DateTime)
                                  .FirstAsync();

            // Make sure the event is not closed for talks.
            if (!mostRecentEvent.IsAcceptingTalkSubmissions)
            {
                throw new InvalidOperationException("This event is not currently accepting talk submissions");
            }
            if (mostRecentEvent.NoTalkSubmissionsAfter.HasValue && DateTime.UtcNow > mostRecentEvent.NoTalkSubmissionsAfter)
            {
                throw new InvalidOperationException("This event is closed for new talks");
            }

            talk.Id                = null;
            talk.AuthorEmail       = User.Identity.Name;
            talk.SubmissionDate    = DateTime.UtcNow;
            talk.SubmittedByUserId = "ApplicationUsers/" + User.Identity.Name;
            talk.EventId           = mostRecentEvent.Id;
            await DbSession.StoreAsync(talk);

            return(talk);
        }
Ejemplo n.º 2
0
        public async Task <TalkSubmission> Update(TalkSubmission talk)
        {
            // Authorize: you can only update your talks.
            var existingTalk = await DbSession.LoadRequiredAsync <TalkSubmission>(talk.Id);

            var currentUser = await this.GetUserOrThrow();

            var isTalkOwner = string.Equals(currentUser.Id, existingTalk.SubmittedByUserId, StringComparison.InvariantCultureIgnoreCase);
            var isAdmin     = currentUser.Roles.Contains(Roles.Admin);

            if (!isTalkOwner && !isAdmin)
            {
                throw new UnauthorizedAccessException();
            }

            existingTalk.Update(talk);
            return(existingTalk);
        }