public HttpResponseMessage AddMovie() { try { var userName = User.Identity.Name; if (!CinemaService.IsAdmin(userName)) { throw (new UnauthorizedAccessException("The access is only for admins")); } HttpPostedFile file = HttpContext.Current.Request.Files["img"]; var cat = HttpContext.Current.Request.Params["catagory"].ToString(); string ext = Path.GetExtension(file?.FileName); var guid = Guid.NewGuid(); int?catagory = null; foreach (string c in Enum.GetNames(typeof(Catagory))) { if (c == cat) { catagory = (int)Enum.Parse(typeof(Catagory), c); break; } } if (catagory == null) { throw (new FormatException("There is no such catagory")); } //Need to be changed when we have real server var serverPath = @"C:\Users\nissi\OneDrive\מסמכים\GitHub\CinemaWebSite\FinalProject_Cinema\CinemaClient\poster\"; CinemaService.AddMovie( HttpContext.Current.Request.Params["name"].ToString(), Convert.ToDateTime(HttpContext.Current.Request.Params["movie_date"]), Convert.ToInt32(HttpContext.Current.Request.Params["num_of_seat"]), Convert.ToInt32(HttpContext.Current.Request.Params["ticket_price"]), Convert.ToInt32(HttpContext.Current.Request.Params["p_year"]), Convert.ToInt32(HttpContext.Current.Request.Params["length"]), "../poster/" + guid + ext, catagory.Value); file?.SaveAs(serverPath + guid + ext); return(Request.CreateResponse(HttpStatusCode.OK, true)); } catch (Exception ex) { return(Request.CreateResponse(HttpStatusCode.Forbidden, ex.Message)); } }