protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
var team = new UserTeamManagement(Global.ConnectionString, SessionProps).GetTeam(TeamId);
//check that it's the users team
//verify team owner
if (team.UserGUID != SessionProps.UserGuid && !SessionProps.HasPermission("ADMIN"))
{
//log the attempted breach
MailAndLog.SendMessage("Försök att sabba lag",
String.Format("Användaren: {0} med guid: {1} försökte ändra bild på laget: {2} med guid: {3}", SessionProps.UserName, SessionProps.UserGuid.ToString(), team.Name, team.GUID),
Parameters.Instance.MailSender, Parameters.Instance.SupportMail);
throw new AccessViolationException("Attempt to tamper with other users team");
}
if (!String.IsNullOrEmpty(team.Picture))
{
uploadImage.UploadUserImage(team.Picture);
}
else
{
uploadImage.UploadUserImage();
}
}
}
public void ProcessRequest(HttpContext context)
{
var userTeamId = context.Request.Params["UserTeamId"];
if (userTeamId == null)
{
//send error
SendException(context, new BadRequestException("GetUserTeam called without UserTeamId"));
}
Guid userTeamGuid;
if (!Guid.TryParse(userTeamId, out userTeamGuid))
{
//send error
SendException(context, new BadRequestException("GetUserTeam called without valid UserTeamId"));
}
var userTeamManagement = new UserTeamManagement(Global.ConnectionString, Global.SessionProperties);
var userTeam = userTeamManagement.GetTeam(userTeamGuid);
var userTeamDto = new UserTeamDTO();
userTeamDto.Id = userTeam.GUID.ToString();
userTeamDto.Name = userTeam.Name;
userTeamDto.Description = userTeam.Presentation;
//are we in a transfer period?
var transferPeriod = new CommonDataFetches(Global.ConnectionString, Global.SessionProperties);
JsonResponse(context, userTeamDto);
}
protected void btnToggleFavorite_Click(object sender, EventArgs e)
{
var trans = new UserTeamManagement(Global.ConnectionString, SessionProps);
trans.ToggleUserFavoriteTeam(TeamId);
LoadTeam();
}
protected void uploadImage_ImageUploaded()
{
//store the new image name
var trans = new UserTeamManagement(Global.ConnectionString, SessionProps);
trans.UpdateTeamImage(TeamId, uploadImage.ImageNameToStore);
uploadImage.Visible = false;
lblMessage.Text = "Bilden är uppladdad...";
}
