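/// <summary>
/// Accepts an uploaded audio file for the guild named in the route, stores it through
/// <c>audioProcessingService</c>, and links it to each requested category that belongs to that guild.
/// </summary>
/// <param name="file">Uploaded audio file, bound from the form.</param>
/// <param name="name">Requested quote name; must pass <c>IsValidName</c>, whose cleaned output is what gets stored.</param>
/// <param name="server">Guild id from the route; the caller must be allowed to manage it.</param>
/// <param name="categories">Category ids to attach; ids that do not exist or belong to another guild are skipped.</param>
/// <returns>
/// A redirect to <c>/login</c> when there is no auth entry, 401 when the caller may not manage the guild,
/// 400 for an invalid name or a missing file, otherwise a redirect to <c>Index</c> for the guild.
/// </returns>
public async Task<IActionResult> Upload(
    [FromForm] IFormFile file,
    [FromForm] string name,
    [FromRoute] ulong server,
    [FromForm] List<uint> categories)
{
    // The source never disposed this CancellationTokenSource; the using block releases its timer
    // once the request finishes. The 30-second budget still starts at the top of the action.
    using (var timeout = new CancellationTokenSource(TimeSpan.FromSeconds(30)))
    {
        var authEntry = HttpContext.GetAuthEntry();
        if (authEntry is null)
        {
            return Redirect("/login");
        }

        // Authorization: `server` comes from the route, so it is checked against the guilds
        // this user is allowed to manage before anything is written.
        var userGuilds = await userService.GetAllowedUserGuilds(authEntry);
        if (!userGuilds.Any(x => x.Id == server))
        {
            return Unauthorized();
        }

        if (!IsValidName(name, out var cleanedName))
        {
            return BadRequest("Invalid quote name");
        }

        // A request without a file part binds `file` to null; reject it instead of passing null on.
        if (file is null)
        {
            return BadRequest();
        }

        // NOTE(review): no size, content-type or format check is visible in this action — confirm
        // that audioProcessingService.Upload (or the server's request limits) enforces them.
        var audio_owner = await audioProcessingService.Upload(file, server, authEntry.UserId, cleanedName, timeout.Token);

        // Guard against a null list so a request without categories cannot fail after the upload succeeded.
        var requestedCategories = categories ?? new List<uint>();
        foreach (var categoryId in requestedCategories)
        {
            var category = await categoryRepo.GetCategory(categoryId);

            // Category ids are caller-supplied: only attach categories owned by this guild,
            // so a caller cannot link the upload to another guild's category.
            if (category != null && category.OwnerId == server)
            {
                await audioCategoryRepo.Create(audio_owner.Id, category.Id);
            }
        }

        return RedirectToAction("Index", new { server });
    }
}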
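/// <summary>
/// Links an existing audio entry to an existing category, provided both belong to the same guild
/// and the caller is allowed to manage that guild.
/// </summary>
/// <param name="audioOwnerId">Id of the audio entry, bound from the <c>audio</c> query parameter.</param>
/// <param name="categoryId">Id of the category, bound from the <c>category</c> query parameter.</param>
/// <param name="redirect">Optional local URL to return to afterwards; anything else falls back to <c>/</c>.</param>
/// <returns>
/// A redirect to <c>/login</c> when there is no auth entry, 400 when either record is missing or the two
/// belong to different guilds, 401 when the caller may not manage the guild, otherwise a local redirect.
/// </returns>
// NOTE(review): both ids are bound from the query string. If this action is reachable via GET, it is a
// state-changing request with no visible antiforgery protection — confirm the HTTP verb and the
// antiforgery attributes on the action or controller, which are not visible in this excerpt.
public async Task<IActionResult> Create(
    [FromQuery(Name = "audio")] uint audioOwnerId,
    [FromQuery(Name = "category")] uint categoryId,
    string redirect = null)
{
    var authEntry = HttpContext.GetAuthEntry();
    if (authEntry is null)
    {
        return Redirect("/login");
    }

    var audioOwner = await audioOwnerRepo.GetById(audioOwnerId);
    var category = await categoryRepo.GetCategory(categoryId);

    // Both ids are caller-supplied. Upload already treats a null category as "not found", so an
    // unknown id must not reach the OwnerId comparison below. Missing and mismatched records get
    // the same 400 so the response does not reveal which ids exist.
    // (audioOwnerRepo.GetById is presumed to return null for an unknown id as well — confirm.)
    if (audioOwner is null || category is null)
    {
        return BadRequest();
    }

    // The audio entry and the category must belong to the same guild.
    if (audioOwner.OwnerId != category.OwnerId)
    {
        return BadRequest();
    }

    // The caller must be allowed to manage that guild.
    var userGuilds = await userService.GetAllowedUserGuilds(authEntry);
    if (!userGuilds.Any(x => x.Id == audioOwner.OwnerId))
    {
        return Unauthorized();
    }

    await audioCategoryRepo.Create(audioOwnerId, categoryId);

    // LocalRedirect already refuses non-local targets, but it does so by throwing when the result
    // executes, i.e. after the link has been created. Checking first turns that failure into a
    // redirect to "/" while still never following an external URL.
    var target = !string.IsNullOrWhiteSpace(redirect) && Url.IsLocalUrl(redirect) ? redirect : "/";
    return LocalRedirect(target);
}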