private void ValidateMaterialAuthorization(int materialId)
{
var token = MyEventsToken.GetTokenFromHeader();
int organizerId = _materialRepository.GetOrganizerId(materialId);
if (token.RegisteredUserId != organizerId)
throw new HttpResponseException(new HttpResponseMessage(HttpStatusCode.Unauthorized));
}
public void Delete(int id)
{
var token = MyEventsToken.GetTokenFromHeader();
ValidateEventAuthorization(id);
_eventDefinitionRepository.Delete(id);
}
private static void ValidateRegisteredUserId(int registeredUserId)
{
var token = MyEventsToken.GetTokenFromHeader();
if (token.RegisteredUserId != registeredUserId)
{
throw new HttpResponseException(new HttpResponseMessage(HttpStatusCode.Unauthorized));
}
}
private void ValidateEventAuthorization(int eventDefinitionid)
{
var token = MyEventsToken.GetTokenFromHeader();
var eventDefinition = _eventDefinitionRepository.GetById(eventDefinitionid);
if (token.RegisteredUserId != eventDefinition.OrganizerId)
{
throw new HttpResponseException(new HttpResponseMessage(HttpStatusCode.Unauthorized));
}
}
private int GetRegisteredUserId()
{
var token = MyEventsToken.GetTokenFromHeader();
if (token != null)
{
return(token.RegisteredUserId);
}
return(0);
}
public void Put(EventDefinition eventDefinition)
{
if (eventDefinition == null)
{
throw new HttpResponseException(new HttpResponseMessage(HttpStatusCode.BadRequest));
}
var token = MyEventsToken.GetTokenFromHeader();
if (token.RegisteredUserId != eventDefinition.OrganizerId)
{
throw new HttpResponseException(new HttpResponseMessage(HttpStatusCode.Unauthorized));
}
_eventDefinitionRepository.Update(eventDefinition);
}
