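/// <summary>
/// Makes photo <paramref name="id"/> the main photo of user <paramref name="userId"/>.
/// </summary>
/// <param name="userId">Id from the route; must equal the caller's NameIdentifier claim.</param>
/// <param name="id">Id of the photo to promote; must be one of the user's own photos.</param>
/// <returns>
/// 204 No Content on success; 401 when the caller is not <paramref name="userId"/> or does not own
/// the photo; 400 when the photo is already main or the change could not be saved.
/// </returns>
public async Task<IActionResult> SetMainPhoto(int userId, int id)
{
    // The route value is caller-controlled, so it is only trusted once it matches the
    // authenticated identity. A missing or non-numeric claim is rejected here instead of
    // surfacing as an unhandled exception (HTTP 500).
    var callerIdClaim = User.FindFirst(ClaimTypes.NameIdentifier)?.Value;
    if (!int.TryParse(callerIdClaim, out var callerId) || callerId != userId)
    {
        return Unauthorized("User not authorized");
    }

    // Ownership check: the photo id is also caller-controlled, so it must be one of this
    // user's photos before anything is modified. A user (or photo list) the repository does
    // not return is treated the same as "not the owner".
    // NOTE(review): 401 is kept for both rejections so existing clients see no change; 403 would
    // describe an authenticated-but-not-allowed caller more accurately.
    var user = await _repo.GetUser(userId);
    if (user?.Photos == null || !user.Photos.Any(p => p.Id == id))
    {
        return Unauthorized();
    }

    var photoFromRepo = await _repo.GetPhoto(id);
    if (photoFromRepo == null)
    {
        // The photo passed the ownership check but the repository no longer returns it.
        return BadRequest("Could not set photo to main");
    }

    if (photoFromRepo.IsMain)
    {
        return BadRequest("Photo is already set to main");
    }

    // A user may have no main photo yet, so the previous main photo is optional.
    var currentMainPhoto = await _repo.GetMainPhotoForUser(userId);
    if (currentMainPhoto != null)
    {
        currentMainPhoto.IsMain = false;
    }

    photoFromRepo.IsMain = true;

    if (await _repo.SaveAll())
    {
        return NoContent();
    }

    return BadRequest("Could not set photo to main");
}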
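/// <summary>
/// Makes photo <paramref name="id"/> the main photo of user <paramref name="userId"/>.
/// </summary>
/// <param name="userId">Id from the route; checked by <c>IsUserAuthorizedAndSelf</c> before any data is read.</param>
/// <param name="id">Id of the photo to promote; must be one of the user's own photos.</param>
/// <returns>
/// 204 No Content on success; 401 when the caller fails the self check or does not own the photo;
/// 400 when the photo is already main or the change could not be saved.
/// </returns>
public async Task<IActionResult> SetMainPhoto(int userId, int id)
{
    if (!IsUserAuthorizedAndSelf(userId))
    {
        return Unauthorized();
    }

    // Verify that the photo id (id param) belongs to the user. The id is caller-controlled,
    // so nothing is modified until ownership is established. A user (or photo list) the
    // repository does not return is treated the same as "not the owner".
    var user = await repo.GetUser(userId);
    if (user?.Photos == null || !user.Photos.Any(p => p.Id == id))
    {
        return Unauthorized();
    }

    var photoFromRepo = await repo.GetPhoto(id);
    if (photoFromRepo == null)
    {
        // The photo passed the ownership check but the repository no longer returns it.
        return BadRequest("The photo could not be set as Main.");
    }

    if (photoFromRepo.IsMain)
    {
        return BadRequest("This is already the main photo.");
    }

    // Look up the previous main photo BEFORE flagging the new one, so the lookup cannot
    // return the photo being promoted if the repository answers from in-memory state.
    // NOTE(review): how GetMainPhotoForUser resolves its result is not visible here.
    var currentMainPhoto = await repo.GetMainPhotoForUser(userId);
    if (currentMainPhoto != null)
    {
        currentMainPhoto.IsMain = false;
    }

    photoFromRepo.IsMain = true;

    if (await repo.SaveAll())
    {
        return NoContent();
    }

    return BadRequest("The photo could not be set as Main.");
}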