public HttpResponseMessage DeleteContact(int contactId)
{
HttpResponseMessage response = new HttpResponseMessage(HttpStatusCode.OK);
Contact contact = ContactBLL.GetContact(contactId);
UserPrincipal loggedInUser = (UserPrincipal)HttpContext.Current.User;
if (loggedInUser.AccountSession.ClubId == contact.ClubId)
{
ContactBLL.DeleteContact(contact);
}
else
{
LogHelper.LogWarn(string.Format("UserId: {0} trying to delete a contact outside of the club, contact: {1}",
loggedInUser.AccountSession.AccountId, contactId), null, loggedInUser.AccountSession.ClubId);
response.StatusCode = HttpStatusCode.Forbidden;
}
return(response);
}
public ApiResultDto Delete(long id)
{
return(ResultSuccess(_bll.DeleteContact(id, GetToken())));
}