public async Task <IActionResult> DeletePostComment(int commentId)
{
// Test to see if claim == post.UserId or policy is admin
// if so allow the delete
// if not don't allow it
var comment = await _postComment.GetASpecificComment(commentId);
var usersRoles = UserClaimsGetters.GetUserRoles(User, _userManager);
// TODO: Need to figure out how to allow the Post's owner is allowed to delete another user's comment
if (UserClaimsGetters.GetUserId(User) == comment.UserId || usersRoles.Contains("Admin") || usersRoles.Contains("Owner"))
{
try
{
await _postComment.Delete(commentId);
return(Ok());
}
catch (Exception e)
{
throw new Exception($"Delete action exception message: {e.Message}");
}
}
throw new Exception("You are not authorized to Delete that Comment.");
}
/// <summary>
/// Deletes a Post from the database all associated data to that post.
/// </summary>
/// <param name="postId">The post's database id.</param>
/// <returns>Void</returns>
public async Task Delete(int postId)
{
var comments = await _context.PostToComments.Where(x => x.PostId == postId).ToListAsync();
foreach (var comment in comments)
{
await _postComment.Delete(comment.CommentId);
}
var images = await _context.PostToImages.Where(x => x.PostId == postId).ToListAsync();
foreach (var image in images)
{
await _postImage.Delete(image.ImageId);
}
await DeletePageToPostEntities(postId);
await DeleteAllLikes(postId);
var postToBeDeleted = await _context.UserPosts.FindAsync(postId);
_context.Entry(postToBeDeleted).State = EntityState.Deleted;
await _context.SaveChangesAsync();
}
public async Task <ActionResult <Comment> > DeletePost(int id)
{
await _repo.Delete(id);
return(Ok("deleted"));
}
