Example #1
0
        protected Session GetSession(int id, bool performOwnerCheck)
        {
            var session = _repository.Get <Session>(id);

            if (session == null)
            {
                throw new HttpException(404, "Session {0} not found".F(id));
            }

            if (performOwnerCheck && !_currentUser.Owns(session) && !_currentUser.IsAdmin)
            {
                throw new ApplicationException("You do not own session {0}".F(id));
            }

            return(session);
        }