private static async Task DeleteVideoConfirmGet(HttpContext context)
{
CommonController.SetHTMLContentType(context);
var userTask = UserSessions.GetLoggedInUser(context);
using var connection = Database.OpenNewConnection();
var user = await userTask;
if (user != null && GuidHelpers.TryDecode(context.Request.Query["id"], out var videoId))
{
var video = await GetVideo(videoId, connection);
if (UserOwnsVideo(video, user.userid))
{
await DeleteVideo(video.id, connection);
context.Response.Redirect("/my_videos");
}
else
{
await CommonController.Write404(context);
}
}
else
{
await CommonController.Write404(context);
}
}
private static async Task EditVideoGet(HttpContext context)
{
CommonController.SetHTMLContentType(context);
var userTask = UserSessions.GetLoggedInUser(context);
using var connection = Database.OpenNewConnection();
var user = await userTask;
if (user != null && GuidHelpers.TryDecode(context.Request.Query["id"], out var videoId))
{
var video = await GetVideo(videoId, connection);
if (UserOwnsVideo(video, user.userid))
{
var templateContext = new TemplateContext(new { video });
await context.Response.WriteAsync(await HTMLRenderer.Render(context, "Templates\\editVideo.liquid", templateContext));
}
else
{
await CommonController.Write404(context);
}
}
else
{
await CommonController.Write404(context);
}
}
private static async Task VideoGet(HttpContext context)
{
CommonController.SetHTMLContentType(context);
if (GuidHelpers.TryDecode(context.Request.Query["id"], out var videoId))
{
using var connection = Database.OpenNewConnection();
var video = await GetVideo(videoId, connection);
var user = await UserSessions.GetLoggedInUser(context);
if (video != null && UserCanViewVideo(video, user))
{
bool userOwnsVideo = UserOwnsVideo(video, user.userid);
var relatedVideos = new List <Video>();
var templateContext = new TemplateContext(new { video, relatedVideos, userOwnsVideo });
await context.Response.WriteAsync(await HTMLRenderer.Render(context, "Templates\\video.liquid", templateContext));
await AddVideoView(video.id, context, connection);
}
else
{
await CommonController.Write404(context);
}
}
else
{
await CommonController.Write404(context);
}
}
private static async Task EditVideoPost(HttpContext context)
{
CommonController.SetHTMLContentType(context);
var userTask = UserSessions.GetLoggedInUser(context);
using var connection = Database.OpenNewConnection();
var user = await userTask;
if (user != null && GuidHelpers.TryDecode(context.Request.Query["id"], out var videoId))
{
var video = await GetVideo(videoId, connection);
if (UserOwnsVideo(video, user.userid))
{
var form = context.Request.Form;
video.title = form["title"];
video.description = form["description"];
//TODO(Simon): Deduplicate tags. Should be cleaned by frontend, but may be malicious data.
string[] tags = form["tags"].ToString().Split(',');
var deduplicatedTags = new HashSet <string>(tags);
video.tags = deduplicatedTags.ToList();
if (Int32.TryParse(form["privacy"], out var privacyInt))
{
video.privacy = (VideoPrivacy)privacyInt;
}
await AddOrUpdateVideo(video, connection);
context.Response.Redirect("/my_videos");
}
else
{
await CommonController.Write404(context);
}
}
else
{
await CommonController.Write404(context);
}
}
private static async Task UpdateVideoPrivacyPost(HttpContext context)
{
CommonController.SetHTMLContentType(context);
var userTask = UserSessions.GetLoggedInUser(context);
using var connection = Database.OpenNewConnection();
var user = await userTask;
if (user != null && GuidHelpers.TryDecode(context.Request.Query["id"], out var videoid))
{
var video = await GetVideo(videoid, connection);
if (UserOwnsVideo(video, user.userid))
{
if (Int32.TryParse(context.Request.Form["video-privacy"], out int privacy))
{
await SetVideoPrivacy(video.id, (VideoPrivacy)privacy, connection);
}
}
}
context.Response.Redirect("/my_videos");
}