Exemplo n.º 1
0
        public async Task <IActionResult> DeletePostImage(int imageId)
        {
            // Test to see if claim == post.UserId or policy is admin
            // if so allow the delete
            // if not don't allow it
            var image = await _postImage.GetASpecificImage(imageId);

            var usersRoles = UserClaimsGetters.GetUserRoles(User, _userManager);

            if (UserClaimsGetters.GetUserId(User) == image.UserId || usersRoles.Contains("Admin") || usersRoles.Contains("Owner"))
            {
                try
                {
                    await _postImage.Delete(imageId);

                    return(Ok());
                }
                catch (Exception e)
                {
                    throw new Exception($"Delete action exception message: {e.Message}");
                }
            }

            throw new Exception("You are not authorized to Delete that Image.");
        }
Exemplo n.º 2
0
        /// <summary>
        /// Deletes a Post from the database all associated data to that post.
        /// </summary>
        /// <param name="postId">The post's database id.</param>
        /// <returns>Void</returns>
        public async Task Delete(int postId)
        {
            var comments = await _context.PostToComments.Where(x => x.PostId == postId).ToListAsync();

            foreach (var comment in comments)
            {
                await _postComment.Delete(comment.CommentId);
            }

            var images = await _context.PostToImages.Where(x => x.PostId == postId).ToListAsync();

            foreach (var image in images)
            {
                await _postImage.Delete(image.ImageId);
            }

            await DeletePageToPostEntities(postId);
            await DeleteAllLikes(postId);

            var postToBeDeleted = await _context.UserPosts.FindAsync(postId);

            _context.Entry(postToBeDeleted).State = EntityState.Deleted;
            await _context.SaveChangesAsync();
        }