/// <summary>
/// Loads the user identified by <c>model.Id</c>, maps it to a
/// <see cref="UserPhotoAlbumsModel"/> and stamps the result with an access level.
/// </summary>
/// <param name="model">Request model; only its <c>Id</c> is read here.</param>
/// <returns>The mapped album model, with <c>AccessLevel</c> set by <c>SetAccessLevel</c>.</returns>
/// <remarks>
/// NOTE(review): the access level is computed but not enforced in this method, so the
/// albums for whatever id the caller passes are returned. Confirm that every caller
/// checks <c>AccessLevel</c> before exposing the result, or that albums are meant to be
/// visible to every signed-in user.
/// </remarks>
public UserPhotoAlbumsModel GetAlbums(UserModelBase model)
{
    var albumModel = Mapper.Map<UserPhotoAlbumsModel>(this.GetUser(model.Id));

    // Records the access level on the mapped model; it does not block the read.
    this.SetAccessLevel(albumModel);

    return albumModel;
}
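/// <summary>
/// Updates the name and email of the user identified by <c>model.Id</c>, after checking
/// that the session user is allowed to modify that user.
/// </summary>
/// <param name="model">
/// Request model. Only <c>Id</c>, <c>Name</c> and <c>Email</c> are read; every other
/// field (including <c>Username</c>) is treated as untrusted and ignored.
/// </param>
/// <returns>The same <paramref name="model"/> instance, with <c>AccessLevel</c> set from the stored user.</returns>
/// <exception cref="System.ArgumentNullException"><paramref name="model"/> is null.</exception>
/// <exception cref="System.UnauthorizedAccessException">
/// The session user has <c>AccessLevel.NoAccess</c> over the target user. Callers that
/// serve HTTP should translate this into a 403 response.
/// </exception>
public UserModelBase Update(UserModelBase model)
{
    if (model == null)
    {
        throw new System.ArgumentNullException("model");
    }

    // Only name and email may be updated, so only those fields are read from the model.
    var currentUser = this.GetUser(model.Id);

    // Authorise against the stored record, not the request-bound model: model.Username
    // arrives from the caller, so an access level derived from it can be steered by
    // whoever sends the request. Previously the level was computed from the request
    // model and never checked, so any caller could overwrite any user's email.
    // NOTE(review): the decision is only as good as SetAccessLevel; verify that it
    // resolves administrator rights for the session user rather than for the target.
    var stored = Mapper.Map<UserModelBase>(currentUser);
    this.SetAccessLevel(stored);
    if (stored.AccessLevel == AccessLevel.NoAccess)
    {
        throw new System.UnauthorizedAccessException("The current user may not update this user.");
    }

    currentUser.Email = model.Email;
    currentUser.Name = model.Name;

    var entity = Mapper.Map<UserEntity>(currentUser);
    this.mUserRepository.Update(entity);

    // Report the access level that was actually evaluated.
    model.AccessLevel = stored.AccessLevel;
    return model;
}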
/// <summary>
/// Returns the photo albums of the user described by <paramref name="model"/> as JSON.
/// </summary>
/// <param name="model">Request-bound model identifying the user whose albums are wanted.</param>
/// <param name="start">Not used by this action.</param>
/// <returns>
/// The <c>PhotoAlbums</c> collection as JSON, or an empty JSON object with status 401
/// when the session is not logged in or has <c>AccessLevel.NoAccess</c>.
/// </returns>
public ActionResult Albums(UserModelBase model, int start = 0)
{
    var session = this.mSessionService.GetSession();
    bool signedInWithAccess = session.LoginStatus == Models.Enums.LoginStatus.LoggedIn
        && session.AccessLevel != Models.Enums.AccessLevel.NoAccess;

    if (!signedInWithAccess)
    {
        this.HttpContext.Response.StatusCode = 401;
        return Json(new { }, JsonRequestBehavior.AllowGet);
    }

    // NOTE(review): the check above only establishes that the caller is signed in. Nothing
    // here ties the requested user to the session user, and the access level the service
    // computes is dropped because only PhotoAlbums is serialised. Confirm that albums are
    // meant to be readable by every signed-in user; otherwise reject when the returned
    // model's AccessLevel is NoAccess.
    var result = this.mUserService.GetAlbums(model);
    return Json(result.PhotoAlbums, JsonRequestBehavior.AllowGet);
}
/// <summary>
/// Applies a profile update for the user described by <paramref name="model"/> and
/// returns the resulting model as JSON.
/// </summary>
/// <param name="model">Request-bound model; every field is supplied by the caller.</param>
/// <returns>
/// The model returned by the user service as JSON, or an empty JSON object with status
/// 401 when the session is not logged in or has <c>AccessLevel.NoAccess</c>.
/// </returns>
/// <remarks>
/// NOTE(review): this action only verifies that the caller is signed in; whether the
/// caller may modify the user named by <c>model.Id</c> is left entirely to the service.
/// No <c>[HttpPost]</c> or <c>[ValidateAntiForgeryToken]</c> attribute is visible in this
/// listing. If none is applied, this state-changing action is reachable by GET and
/// exposed to cross-site request forgery; confirm against the full controller.
/// </remarks>
public ActionResult Update(UserModelBase model)
{
    var session = this.mSessionService.GetSession();
    bool signedInWithAccess = session.LoginStatus == Models.Enums.LoginStatus.LoggedIn
        && session.AccessLevel != Models.Enums.AccessLevel.NoAccess;

    if (!signedInWithAccess)
    {
        this.HttpContext.Response.StatusCode = 401;
        return Json(new { }, JsonRequestBehavior.AllowGet);
    }

    var updated = this.mUserService.Update(model);
    return Json(updated, JsonRequestBehavior.AllowGet);
}
/// <summary>
/// Returns the <see cref="UserModelBase"/> view of the user with the given id as JSON.
/// </summary>
/// <param name="id">Identifier of the user to look up.</param>
/// <returns>
/// The mapped user model as JSON, or an empty JSON object with status 401 when the
/// session is not logged in or has <c>AccessLevel.NoAccess</c>.
/// </returns>
/// <remarks>
/// NOTE(review): any signed-in caller can request any id, and <c>SetAccessLevel</c> is
/// not called on the result. <see cref="UserModelBase"/> carries <c>Email</c>; confirm
/// that exposing it to every signed-in user is intended, or return a reduced model when
/// the caller is neither the owner nor an administrator.
/// </remarks>
public ActionResult Info(Guid id)
{
    var session = this.mSessionService.GetSession();
    var result = new UserModelBase();

    bool signedInWithAccess = session.LoginStatus == Models.Enums.LoginStatus.LoggedIn
        && session.AccessLevel != Models.Enums.AccessLevel.NoAccess;

    if (!signedInWithAccess)
    {
        this.HttpContext.Response.StatusCode = 401;
        return Json(new {}, JsonRequestBehavior.AllowGet);
    }

    // Copies the looked-up user onto the pre-built response model.
    Mapper.Map(this.mUserService.GetUser(id), result);
    return Json(result, JsonRequestBehavior.AllowGet);
}
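/// <summary>
/// Sets <c>model.AccessLevel</c> to the access the session user has over the user
/// described by <paramref name="model"/>.
/// </summary>
/// <param name="model">
/// Model whose <c>Username</c> identifies the target user; its <c>AccessLevel</c> is overwritten.
/// </param>
/// <remarks>
/// Administrator rights are looked up for the session user. The earlier version looked
/// them up for <c>model.Username</c>, which gave every caller <c>Admin</c> over an
/// administrator's record and gave administrators <c>NoAccess</c> over everyone else.
/// When the model describes the session user, the result is unchanged.
/// </remarks>
public void SetAccessLevel(UserModelBase model)
{
    string currentUser = this.mSessionRepository.GetCurrentUsername();

    // Fail closed when there is no session user. Without this, a missing session name
    // compared with a model that has no Username would be treated as the owner.
    if (string.IsNullOrEmpty(currentUser))
    {
        model.AccessLevel = AccessLevel.NoAccess;
        return;
    }

    // Rights belong to whoever is making the request, not to the record being accessed.
    // NOTE(review): if GetRights returns a string rather than a collection, Contains is
    // a substring match; confirm that it returns a collection of right names.
    var rights = this.mUserRepository.GetRights(currentUser);
    bool isAdministrator = rights.Contains("Administrator");
    bool isOwner = currentUser == model.Username;

    if (isAdministrator)
    {
        model.AccessLevel = isOwner ? AccessLevel.AdminAndOwner : AccessLevel.Admin;
    }
    else if (isOwner)
    {
        model.AccessLevel = AccessLevel.Owner;
    }
    else
    {
        model.AccessLevel = AccessLevel.NoAccess;
    }
}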