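/// <summary>
/// Deletes the account with the given id. A caller in the "Admin" role may delete any account;
/// any other caller may delete only an account whose Owner equals the caller's user id.
/// </summary>
/// <param name="id">Identifier of the account to delete.</param>
/// <returns>
/// 200 OK after DeleteFull has run; 400 Bad Request when the caller is neither an admin nor the
/// owner, or when the account could not be loaded; 500 when an exception is thrown.
/// </returns>
public async Task<IHttpActionResult> Delete(int id)
{
    try
    {
        var currentUser = await GetCurrentUser();
        AccountBLL bll = new AccountBLL(_unit);
        bool isAdmin = await AppUserManager.IsInRoleAsync(currentUser.Id, "Admin");

        if (!isAdmin)
        {
            var account = bll.GetByID(id);

            // A missing account is treated like a foreign one, so the response does not tell a
            // non-admin caller which ids exist, and a null lookup no longer surfaces as a 500.
            bool isOwner = account != null && account.Owner == currentUser.Id;
            if (!isOwner)
            {
                // The result has to be returned. Previously it was built and discarded, so a
                // denied request fell through to Ok() and the client was told the delete succeeded.
                return BadRequest("You don't have permission to delete this account.");
            }
        }

        bll.DeleteFull(id);
    }
    catch (Exception ex)
    {
        LogHelper.Error(_log, ex.ToString());

        // NOTE(review): passing the exception to the result can expose its message and stack
        // trace to the client, depending on the configured error-detail policy - confirm.
        return InternalServerError(ex);
    }

    return Ok();
}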
/// <summary>
/// Loads the account with the given id through AccountBLL and returns it in a 200 OK response.
/// </summary>
/// <param name="id">Identifier of the account to load.</param>
/// <returns>
/// 200 OK carrying whatever GetByID returned; 500 when the lookup throws.
/// </returns>
public async Task<IHttpActionResult> Get(int id)
{
    // NOTE(review): unlike Delete, this method performs no admin or owner check before returning
    // the account. Confirm that access control for reads is enforced elsewhere (for example by an
    // attribute on the controller); otherwise any caller can read any account by id.
    Account account;
    try
    {
        var accounts = new AccountBLL(_unit);
        account = accounts.GetByID(id);
    }
    catch (Exception error)
    {
        LogHelper.Error(_log, error.ToString());
        return InternalServerError(error);
    }

    return Ok(account);
}