public IActionResult EditPost(ImageEditModel model, [FromRoute] int id)
{
if (!_authService.CanUserEditImage(User, id))
{
ViewBag.Error = "Your account is not authorized to edit the requested image.";
ViewBag.CanEdit = false;
return(View("Edit", model));
}
_imageRepository.EditImageProperties(id, model);
return(RedirectToAction("Details", new { id }));
}
public void EditImageProperties(int imageId, ImageEditModel model)
{
var tags = SanitizeHashtags(model.Tags);
using (var connection = new SqlConnection(_dbSettings.ConnectionString))
{
connection.Open();
connection.Execute(
@"UPDATE dbo.Image
SET Tags = @tags, Description = @Description
WHERE Id = @imageId", new { imageId, tags, model.Description });
}
}
