public ActionResult Delete(int requestId)
{
string userId = User.Identity.GetUserId();
var s1 = StaffDepartmentDAO.GetStaffByUserId(userId);
if (s1 != null)
{
// Delete the request
RequestDAO.DeleteRequest(s1.staffId, requestId);
}
return(RedirectToAction("List"));
}
/// <summary>
/// Deletes a request from the database
/// </summary>
/// <param name="id">ID of the request needing to be deleted</param>
/// <returns>Returns a result based on status</returns>
public ActionResult DeleteRequest(int id)
{
ActionResult response;
//check for admin
if (Session["RoleID"] != null && (int)Session["RoleID"] == 6)
{
//if the user is an admin, check id
if (id > 0)
{
//if id is valid, access the database
try
{
//pull request data
RequestDO requestDO = _RequestDataAccess.ViewRequestByID(id);
//delete from database
_RequestDataAccess.DeleteRequest(requestDO.RequestID);
response = RedirectToAction("Index", "Request");
}
catch (Exception ex)
{
//log error
_Logger.ErrorLog(MethodBase.GetCurrentMethod().DeclaringType.Name, MethodBase.GetCurrentMethod().Name, ex);
response = RedirectToAction("Error", "Home");
}
finally { }
}
else
{
//if id is not valid, return to request details
response = RedirectToAction("RequestDetails", "Request");
}
}
else
{
//if the user is not an admin, redirect to the login page
response = RedirectToAction("Login", "Account");
}
return(response);
}