public ActionResult Describe(int id)
{
UserModel authUser = (User.Identity.IsAuthenticated ?
new UserRepository().GetByUsername( User.Identity.Name ) : null);
// check if album with given id exists
AlbumRepository albums = new AlbumRepository();
AlbumModel album = albums.GetById( id,
withUser: true, withPhotos: true, withComments: true, withCategory: true, withTrustedUsers: true );
if ( album == null )
throw new Exception( "album not found" );
// check if the caller can access the album
if ( !albums.IsUserAuthorizedToViewAlbum( album, authUser, false ) )
throw new Exception( "user not authorized to view this album" );
// prepare photos list
List<string> photos = new List<string>();
foreach ( PhotoModel photo in album.Photos )
{
photos.Add( string.Format( "{0}/api/photos/{1}", Helpers.BaseURL(), photo.Id ) );
}
// prepare comments list
List<Object> comments = new List<Object>();
foreach ( CommentModel comment in album.Comments )
{
comments.Add( new
{
author = comment.User.Login,
date = new
{
day = comment.Date.Day,
month = comment.Date.Month,
year = comment.Date.Year
},
body = comment.Body
} );
}
// send back the album information
return Json( new
{
ok = true,
data = new
{
id = album.Id,
name = album.Name,
description = album.Description,
category = album.Category.Name,
owner = album.User.Login,
is_public = album.Public,
rating = album.Rating,
views = album.Views,
photos = photos,
comments = comments
}
}, JsonRequestBehavior.AllowGet );
}
public ActionResult Describe(string userName)
{
UserModel authUser = (User.Identity.IsAuthenticated ?
new UserRepository().GetByUsername( User.Identity.Name ) : null);
userName = HttpUtility.UrlDecode( userName ).Trim();
if ( userName == string.Empty )
throw new Exception( "empty username" );
UserRepository users = new UserRepository();
UserModel user = users.GetByUsernameWithAlbums( userName, withTrustedUsers:true );
if ( user == null )
throw new Exception( "user not found" );
AlbumRepository albumRepository = new AlbumRepository();
List<string> albums = new List<string>();
foreach ( AlbumModel album in user.Albums )
{
if ( albumRepository.IsUserAuthorizedToViewAlbum( album, authUser, false ) )
{
albums.Add( string.Format( "{0}/api/albums/{1}", Helpers.BaseURL(), album.Id ) );
}
}
return Json( new
{
ok = true,
data = new
{
id = user.Id,
username = user.Login,
date_of_birth = (user.DateOfBirth.HasValue ? new
{
day = user.DateOfBirth.Value.Day,
month = user.DateOfBirth.Value.Month,
year = user.DateOfBirth.Value.Year
} : null),
about = user.About,
albums = albums
}
}, JsonRequestBehavior.AllowGet );
}
public ActionResult Describe(int id)
{
UserModel authUser = (User.Identity.IsAuthenticated ?
new UserRepository().GetByUsername( User.Identity.Name ) : null);
// check if photo with given id exists
PhotoRepository photos = new PhotoRepository();
PhotoModel photo = photos.GetById( id, withAlbum: true );
if ( photo == null )
throw new Exception( "photo not found" );
// check if the caller can access the album containing the photo
AlbumRepository albums = new AlbumRepository();
AlbumModel album = albums.GetById( photo.Album.Id, withUser: true, withTrustedUsers: true );
if ( !albums.IsUserAuthorizedToViewAlbum( album, authUser, false ) )
throw new Exception( "user not authorized to view this photo/album" );
// send back the photo information
return Json( new
{
ok = true,
data = new
{
id = photo.Id,
album = string.Format( "{0}/api/albums/{1}", Helpers.BaseURL(), album.Id ),
date = new
{
day = photo.Date.Day,
month = photo.Date.Month,
year = photo.Date.Year
},
description = photo.Description,
image = Helpers.BaseURL() + photo.Path,
thumbnail = Helpers.BaseURL() + photo.Path.Substring(0, photo.Path.LastIndexOf(".jpg")) + "_mini.jpg",
latitude = photo.LocationLatitude,
longitude = photo.LocationLongitude
}
}, JsonRequestBehavior.AllowGet );
}
public ActionResult Show(int id)
{
AlbumRepository albums = new AlbumRepository();
AlbumModel album = albums.GetByIdForShow(id);
UserRepository users = new UserRepository();
var user = users.GetByUsername(HttpContext.User.Identity.Name);
// check if album has a password, if it does, authorize
if (!albums.authorizeWithPassword(album, user, (string)Session["Album" + album.Id.ToString()]))
return RedirectToAction("PasswordForAlbum", new { id = album.Id });
// if user is not authorized
if (!albums.IsUserAuthorizedToViewAlbum(album, user, true))
return View("NotAuthorized");
if (user == null || user.Id != album.User.Id) //if not logged in or not an author
{
//increment views
album.Views += 1;
albums.Update(album);
}
@ViewBag.user = user;
return View(album);
}
