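/// <summary>
        /// Handles the posted user edit form and forwards the change to the "users" API endpoint.
        /// </summary>
        /// <param name="id">Identifier of the user being edited, as received from the request.</param>
        /// <param name="putUserModel">Bound form values for the user.</param>
        /// <returns>
        /// A redirect to Users/Index after a save or when the caller may not edit this user,
        /// the edit view when model validation fails, or the result of
        /// ErrorHelper.HandleError when a MovieMindException is raised.
        /// </returns>
        [ValidateAntiForgeryToken] // Prevents XSRF/CSRF attacks
        public async Task <IActionResult> Edit(string id, PutUserModel putUserModel)
        {
            try
            {
                AuthorizeHelper.Authorize(this.HttpContext, "Administrator", this.GetType().Name, "Edit", "user");

                // The signed-in user is looked up from the session, not from the request.
                var userId = HttpContext.Session.GetString("_Id");
                var user   = await _moviemindAPIService.GetModel <GetUserModel>(userId, "users");

                // id is request input: parse it without throwing, and treat a missing user
                // record or a malformed id as "not the caller's own account" instead of
                // letting an uncaught exception escape the MovieMindException handler.
                bool isOwnAccount = user != null &&
                                    Guid.TryParse(id, out Guid targetId) &&
                                    user.Id == targetId;

                // NOTE(review): the Authorize call above names "Administrator" while this
                // bypass names "Editor" - confirm which role is meant to edit other users.
                if (!isOwnAccount && !HttpContext.User.IsInRole("Editor"))
                {
                    return(RedirectToRoute(new { action = "Index", controller = "Users" }));
                }

                if (!ModelState.IsValid)
                {
                    // Re-display the form with the submitted values.
                    return(View(putUserModel));
                }

                // NOTE(review): putUserModel is forwarded as bound. If it carries role or
                // privilege fields, confirm the API refuses to change them on a self-edit.
                await _moviemindAPIService.PutModel <PutUserModel>(id, putUserModel, "users");

                return(RedirectToRoute(new { action = "Index", controller = "Users" }));
            }
            catch (MovieMindException e)
            {
                return(ErrorHelper.HandleError(e, this.View(putUserModel)));
            }
        }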
        [ValidateAntiForgeryToken] // Prevents XSRF/CSRF attacks
        public async Task <IActionResult> Edit(string id, PutMovieModel putMovieModel)
        {
            try
            {
                AuthorizeHelper.Authorize(this.HttpContext, "Editor", this.GetType().Name, "Edit", "movie");

                if (ModelState.IsValid)
                {
                    await _moviemindAPIService.PutModel <PutMovieModel>(id, putMovieModel, "Movies");

                    //delete (override) previous relationships
                    if (putMovieModel.ActorIds != null)
                    {
                        List <GetActorMovieModel> getActorMovieModels = await _moviemindAPIService.GetModels <GetActorMovieModel>("ActorMovies");

                        List <GetActorMovieModel> getActorMovieModelsToDelete = getActorMovieModels.Where(x => x.MovieId == Guid.Parse(id)).ToList();

                        foreach (GetActorMovieModel getActorMovieModel in getActorMovieModelsToDelete)
                        {
                            await _moviemindAPIService.DeleteModel(getActorMovieModel.Id.ToString(), "ActorMovies");
                        }

                        //put in new relationships
                        foreach (Guid actorId in putMovieModel.ActorIds)
                        {
                            await _moviemindAPIService.PostModel <PostActorMovieModel, GetActorMovieModel>(new PostActorMovieModel
                            {
                                ActorId = actorId,
                                MovieId = Guid.Parse(id)
                            }, "ActorMovies");
                        }
                    }

                    return(Redirect("/Movies/Details/" + id.ToString()));
                }

                return(View(putMovieModel));
            }
            catch (MovieMindException e)
            {
                return(ErrorHelper.HandleError(e, this.View(putMovieModel)));
            }
        }
        /// <summary>
        /// Handles the posted review edit form: sends the bound model to the "reviews" API
        /// endpoint and then redirects to that review's details page.
        /// </summary>
        /// <param name="id">Identifier of the review, as received from the request.</param>
        /// <param name="putReviewModel">Bound form values for the review.</param>
        /// <returns>
        /// A redirect to the details page after a save, the edit view when model validation
        /// fails, or the result of ErrorHelper.HandleError when a MovieMindException is raised.
        /// </returns>
        [ValidateAntiForgeryToken] // Prevents XSRF/CSRF attacks
        public async Task <IActionResult> Edit(string id, PutReviewModel putReviewModel)
        {
            try
            {
                // Presumably enforces the "Editor" role; how a refusal is signalled is
                // defined in AuthorizeHelper, which is not visible here.
                AuthorizeHelper.Authorize(this.HttpContext, "Editor", this.GetType().Name, "Edit", "review");

                if (!ModelState.IsValid)
                {
                    // Re-display the form with the submitted values.
                    return(View(putReviewModel));
                }

                await _moviemindAPIService.PutModel <PutReviewModel>(id, putReviewModel, "reviews");

                // id is appended as received; the fixed leading path keeps the target on this site.
                string detailsUrl = "/Reviews/Details/" + id.ToString();

                return(Redirect(detailsUrl));
            }
            catch (MovieMindException apiError)
            {
                return(ErrorHelper.HandleError(apiError, this.View(putReviewModel)));
            }
        }
        /// <summary>
        /// Handles the posted director edit form: sends the bound model to the "Directors"
        /// API endpoint and then returns to the Directors index.
        /// </summary>
        /// <param name="id">Identifier of the director, as received from the request.</param>
        /// <param name="putDirectorModel">Bound form values for the director.</param>
        /// <returns>
        /// A redirect to Directors/Index after a save, the edit view when model validation
        /// fails, or the result of ErrorHelper.HandleError when a MovieMindException is raised.
        /// </returns>
        [ValidateAntiForgeryToken] // Prevents XSRF/CSRF attacks
        public async Task <IActionResult> Edit(string id, PutDirectorModel putDirectorModel)
        {
            try
            {
                // Presumably enforces the "Editor" role; how a refusal is signalled is
                // defined in AuthorizeHelper, which is not visible here.
                AuthorizeHelper.Authorize(this.HttpContext, "Editor", this.GetType().Name, "Edit", "director");

                if (!ModelState.IsValid)
                {
                    // Re-display the form with the submitted values.
                    return(View(putDirectorModel));
                }

                // id is passed to the API as received; no local parsing happens in this action.
                await _moviemindAPIService.PutModel <PutDirectorModel>(id, putDirectorModel, "Directors");

                var indexRoute = new { action = "Index", controller = "Directors" };

                return(RedirectToRoute(indexRoute));
            }
            catch (MovieMindException apiError)
            {
                return(ErrorHelper.HandleError(apiError, this.View(putDirectorModel)));
            }
        }