public ActionResult DeleteRecord(int id) { var record = records.GetById(id); if (User.Identity.GetUserId() != record.Area.EmployeeId) { return(new HttpUnauthorizedResult(ErrorMessagesConstants.NotAuthorizedForThisAction)); } this.records.Delete(id); return(RedirectToAction("Manage", "Areas", new { id = record.AreaId })); }