public JsonResult Delete(int id)
{
try
{
var child = _repository.GetChildById(id);
var matchingNurs = User.FindAll("Nursery").FirstOrDefault(claim => claim.Value == child.NurseryId.ToString());
if (User.IsInRole("Admin") || matchingNurs != null)
{
_repository.DeleteChild(id);
return(Json(new { Message = "Deleted" }));
}
}
catch (Exception ex)
{
return(Json(new { Message = "Unable to delete: " + ex }));
}
Response.StatusCode = (int)HttpStatusCode.Unauthorized;
return(Json("Unauthorized to delete this child"));
}