Exemple #1
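        /// <summary>
        /// HTTP action that asks the user service to delete the user described by the request body.
        /// </summary>
        /// <remarks>
        /// NOTE(review): <paramref name="userId"/> is bound from the request (no binding attribute is
        /// visible here, so presumably route or query string). If the service treats it as the identity
        /// of the requester, a client that can choose this value also chooses whose permissions are
        /// checked. Prefer deriving it from the authenticated principal. Confirm how callers are
        /// authenticated, since no authorization attribute is visible in this excerpt.
        /// </remarks>
        /// <param name="userDeleteInputDTO">Request body naming the user to delete.</param>
        /// <param name="userId">Id passed through to the service as the requesting user.</param>
        /// <returns>
        /// A success DTO when the service call completes; 403 when the service reports a permission
        /// failure; 400 with the exception message for any other failure.
        /// </returns>
        public async Task<ActionResult<CommonSuccessMessageOutputDTO>> DeleteUser([FromBody] UserDeleteInputDTO userDeleteInputDTO, int userId)
        {
            try
            {
                await this.userService.DeleteUser(userDeleteInputDTO, userId);

                return new CommonSuccessMessageOutputDTO
                {
                    Success = true
                };
            }
            catch (UnauthorizedAccessException ex)
            {
                // A denied permission check is an authorization failure, not a malformed request:
                // report it as 403 so clients, logs and alerting can tell the two apart.
                // The body keeps the same { message: [...] } shape as the 400 response.
                return StatusCode(403, new { message = new List<string> { ex.Message } });
            }
            catch (Exception ex)
            {
                // NOTE(review): this echoes the message of *any* exception to the client, including
                // unexpected ones (data-access or null-reference errors) whose text can expose
                // internals. Consider logging ex server-side and returning a fixed message for
                // exception types that are not deliberate, user-facing validation errors.
                return BadRequest(new { message = new List<string> { ex.Message } });
            }
        }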
Exemple #2
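        /// <summary>
        /// Deletes the user named in <paramref name="userDeleteInputDTO"/> on behalf of the user
        /// identified by <paramref name="userId"/>, after a role-based permission check.
        /// </summary>
        /// <remarks>
        /// The permission check is only as trustworthy as <paramref name="userId"/>: callers should
        /// pass the id of the authenticated principal rather than a value supplied in the request.
        /// NOTE(review): every role other than <c>Roles.BusinessUser</c> is allowed to delete without
        /// a user-access lookup. Confirm that this allow-by-default rule is intended for all roles.
        /// </remarks>
        /// <param name="userDeleteInputDTO">Input whose <c>UserId</c> names the user to delete.</param>
        /// <param name="userId">Id of the user requesting the deletion.</param>
        /// <returns>A task that completes once the repository delete call has finished.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="userDeleteInputDTO"/> is null.</exception>
        /// <exception cref="UnauthorizedAccessException">
        /// The requesting user could not be loaded, or is a business user without the delete permission.
        /// </exception>
        public async Task DeleteUser(UserDeleteInputDTO userDeleteInputDTO, int userId)
        {
            // Reject a missing payload up front instead of failing with a NullReferenceException
            // after the permission check has already passed.
            if (userDeleteInputDTO == null)
            {
                throw new ArgumentNullException(nameof(userDeleteInputDTO));
            }

            // Get the user that sent the delete request.
            UserEntity loggedInUser = await this.userRepository.GetUser(userId);

            // Deny by default: if the repository yields no user for this id, the requester cannot be
            // authorized. The message matches the regular denial so the response does not reveal
            // whether the id exists.
            if (loggedInUser == null)
            {
                throw new UnauthorizedAccessException("User don't have access to perform delete operation");
            }

            bool hasAccessToDelete = true;

            if (loggedInUser.Role == Roles.BusinessUser)
            {
                UserAccessEntity userAccess = await this.userAccessRepository.GetUserAccess(userId);

                // A business user with no access record is treated as having no delete permission.
                hasAccessToDelete = userAccess != null ? userAccess.Delete : false;
            }

            if (!hasAccessToDelete)
            {
                throw new UnauthorizedAccessException("User don't have access to perform delete operation");
            }

            await this.userRepository.DeleteUser(userDeleteInputDTO.UserId);
        }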