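/// <summary>
/// Deletes the report image identified by <c>request.Id</c>.
/// </summary>
/// <remarks>
/// Members of the admin role may delete any image. Any other caller may delete an image only
/// when the site that owns the image's report has the same <c>CompanyId</c> as the caller.
/// </remarks>
/// <param name="request">Command carrying the id of the image to delete.</param>
/// <param name="cancellationToken">Token forwarded to the database calls.</param>
/// <returns><c>Unit.Value</c> once the deletion has been persisted.</returns>
/// <exception cref="RestException">
/// 401 when the current user cannot be resolved; 404 when the image, its report or its site
/// is missing; 403 when a non-admin caller belongs to a different company.
/// </exception>
/// <exception cref="Exception">Thrown when saving reports no affected rows.</exception>
public async Task<Unit> Handle(Command request, CancellationToken cancellationToken)
{
    var currentUser = await userManager.FindByIdAsync(userAccessor.GetCurrentUserId());

    // Fail closed: without a resolved user there is no role and no company to authorize
    // against. Previously a missing user surfaced as an unhandled null-argument or
    // null-reference error on the lines below instead of a clean 401.
    if (currentUser == null)
    {
        throw new RestException(HttpStatusCode.Unauthorized, new { User = "Unauthorized" });
    }

    var isAdmin = await userManager.IsInRoleAsync(currentUser, RoleNames.Admin);
    var userCompanyId = currentUser.CompanyId;

    var image = await context.ReportImages.FindAsync(new object[] { request.Id }, cancellationToken);
    if (image == null)
    {
        // NOTE(review): the error key says "site" although the missing entity is an image.
        // It looks like a copy-paste slip; kept as-is because clients may read this key.
        throw new RestException(HttpStatusCode.NotFound, new { site = "Not found" });
    }

    if (!isAdmin)
    {
        // Tenant check: walk image -> report -> site and compare the site's company with
        // the caller's company before anything is removed.
        var report = await context.Reports.FirstOrDefaultAsync(x => x.Id == image.ReportId, cancellationToken);
        if (report == null)
        {
            throw new RestException(HttpStatusCode.NotFound, new { Report = "Not found" });
        }

        var site = await context.Sites.FirstOrDefaultAsync(x => x.Id == report.SiteId, cancellationToken);
        if (site == null)
        {
            throw new RestException(HttpStatusCode.NotFound, new { Site = "Not found" });
        }

        // NOTE(review): if CompanyId is a nullable type, a caller with no company would
        // match a site with no company here - confirm that cannot happen.
        // NOTE(review): a non-admin gets 403 for an image that exists under another company
        // and 404 for an id that does not exist, so the two answers reveal which ids are
        // in use. Consider returning 404 in both cases.
        if (userCompanyId != site.CompanyId)
        {
            throw new RestException(HttpStatusCode.Forbidden, new { Forbidden = "Permission Denied." });
        }
    }

    context.Remove(image);

    var success = await context.SaveChangesAsync(cancellationToken) > 0;
    if (success)
    {
        return Unit.Value;
    }

    throw new Exception("Problem deleting image.");
}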
/// <summary>
/// Deletes the site with the given primary key.
/// </summary>
/// <remarks>
/// NOTE(review): this method performs no role or company-ownership check itself; it removes
/// whichever site matches <paramref name="id"/>. Confirm that every caller authorizes the
/// request before invoking it.
/// </remarks>
/// <param name="id">Primary key of the site to delete.</param>
/// <returns><c>Unit.Value</c> once the deletion has been persisted.</returns>
/// <exception cref="RestException">404 when no site has the given id.</exception>
/// <exception cref="Exception">Thrown when saving reports no affected rows.</exception>
public async Task<Unit> DeleteAsync(long id)
{
    var existingSite = await context.Sites.FindAsync(id);

    // Guard clause: nothing to delete when the key does not resolve to a row.
    if (existingSite == null)
    {
        throw new RestException(HttpStatusCode.NotFound, new { site = "Not found" });
    }

    context.Remove(existingSite);

    var affectedRows = await context.SaveChangesAsync();
    if (affectedRows <= 0)
    {
        // Zero affected rows means the delete was not persisted.
        throw new Exception("Problem deleting site.");
    }

    return Unit.Value;
}