private bool HasAuthorization(ApplicationUser currentUser, Photo photo)
{
if (currentUser.Friends.Contains(photo.PhotoOwner) ||
photo.PhotoOwnerId == currentUser.Id)
{
return true;
}
return false;
}
public IHttpActionResult AddPhoto(AddPhotoBindingModel bindingModel)
{
if (!this.ModelState.IsValid)
{
return this.BadRequest(this.ModelState);
}
if (bindingModel == null || !this.IsValidBase64Format(bindingModel.Image))
{
return this.BadRequest("Invalid data");
}
string source = string.Format(
"{0}{1}", "data:image/jpg;base64,", bindingModel.Image);
var currentUserId = this.UserIdProvider.GetUserId();
var currentUser = this.Data.Users.Find(currentUserId);
Photo photo = new Photo
{
Source = source,
Description = bindingModel.Description,
PostedOn = DateTime.Now,
PhotoOwnerId = currentUserId
};
currentUser.Photos.Add(photo);
this.Data.Photos.Add(photo);
this.Data.SaveChanges();
return this.Ok();
}
