public async Task <IActionResult> Delete([FromQuery] string viewId)
{
// Validate
if (string.IsNullOrEmpty(viewId))
{
return(BadRequest("View-ID not specified"));
}
var view = await viewManager.GetView(viewId);
if (view == null)
{
return(NotFound());
}
// Authroize
var loggedInUsername = UsernameNormalizer.Normalize(HttpContext.User.Identity.Name);
var dataType = DetermineViewCollection(view.Query);
var resourceDescription = new DeleteViewResourceDescription(view.Submitter, dataType);
var authorizationResult = await authorizationModule.AuthorizeAsync(resourceDescription, loggedInUsername);
if (!authorizationResult.IsAuthorized)
{
return(new ContentResult
{
Content = "Not authorized",
ContentType = "text/plain",
StatusCode = (int)HttpStatusCode.Unauthorized
});
}
await viewManager.DeleteViewAsync(viewId);
return(Ok());
}
