public string[] DeletePhotos(DeletePhotoParameters[] photos, string albumId) { string[] albumCovers = new string[] { }; ServiceSupport.AuthorizeAndExecute(() => { var album = AlbumRepository.FindAlbumById(albumId); if (album == null) { throw new FaultException <ServerFault>(new ServerFault() { FaultCode = ServerFaultCode.Generic }, new FaultReason("No album with Id " + albumId + " was found.")); } var photoIds = photos.Select(x => x.PhotoId); CloudTaskManager.PublishTask(storage => { foreach (var photoFile in photos.Select(x => x.FileName)) { storage.DeletePhoto(photoFile, albumId); } }); if (HttpContext.Current.IsSuperAdminLoggedIn()) { PhotoRepository.DeletePhotos(photoIds, albumId); albumCovers = AlbumRepository.UpdateCovers(album); } else { // Only album author can delete photos if (!HttpContext.Current.IsUserLoggedIn(album.CreatedBy)) { throw new FaultException <ServerFault>(new ServerFault() { FaultCode = ServerFaultCode.NotAuthroized }, new FaultReason("Photos must only be deleted by the author of the album they belong to.")); } else { // Delete photos by selected IDs and album ID PhotoRepository.DeletePhotos(photoIds, albumId); albumCovers = AlbumRepository.UpdateCovers(album); } } }); return(albumCovers); }