public IHttpActionResult DeleteUser(int id, [FromUri] string token = "") { User requestUser = auth.ValidateToken(token); if ((requestUser == null) || (requestUser.Role != Models.User.Roles.Admin)) { return(Unauthorized()); } if (db.DeleteUser(id)) { return(Ok()); } return(NotFound()); }