public async Task <IActionResult> DeletePostComment(int commentId) { // Test to see if claim == post.UserId or policy is admin // if so allow the delete // if not don't allow it var comment = await _postComment.GetASpecificComment(commentId); var usersRoles = UserClaimsGetters.GetUserRoles(User, _userManager); // TODO: Need to figure out how to allow the Post's owner is allowed to delete another user's comment if (UserClaimsGetters.GetUserId(User) == comment.UserId || usersRoles.Contains("Admin") || usersRoles.Contains("Owner")) { try { await _postComment.Delete(commentId); return(Ok()); } catch (Exception e) { throw new Exception($"Delete action exception message: {e.Message}"); } } throw new Exception("You are not authorized to Delete that Comment."); }
/// <summary> /// Deletes a Post from the database all associated data to that post. /// </summary> /// <param name="postId">The post's database id.</param> /// <returns>Void</returns> public async Task Delete(int postId) { var comments = await _context.PostToComments.Where(x => x.PostId == postId).ToListAsync(); foreach (var comment in comments) { await _postComment.Delete(comment.CommentId); } var images = await _context.PostToImages.Where(x => x.PostId == postId).ToListAsync(); foreach (var image in images) { await _postImage.Delete(image.ImageId); } await DeletePageToPostEntities(postId); await DeleteAllLikes(postId); var postToBeDeleted = await _context.UserPosts.FindAsync(postId); _context.Entry(postToBeDeleted).State = EntityState.Deleted; await _context.SaveChangesAsync(); }
public async Task <ActionResult <Comment> > DeletePost(int id) { await _repo.Delete(id); return(Ok("deleted")); }