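/// <summary>
/// Deletes the comment identified by <c>input.Id</c> together with every comment returned by
/// <c>GetAllCommentChildrenById</c>, then redirects to the owning post.
/// </summary>
/// <param name="input">Bound request model; <c>Id</c> selects the comment, <c>PostId</c> the redirect target.</param>
/// <returns>
/// 404 when the comment does not exist; 401 when no user record can be resolved for the current principal;
/// 400 when the caller is neither an administrator nor the author of every comment that would be removed;
/// otherwise a redirect to <c>Posts/ById</c>.
/// </returns>
/// <remarks>
/// Authorization is decided for the whole set before anything is deleted, so a refused request leaves
/// the thread untouched instead of removing some comments and then failing half-way.
/// NOTE(review): no [Authorize], [HttpPost] or anti-forgery attribute is visible on this action;
/// confirm they are applied on the action or on the controller.
/// </remarks>
public async Task<IActionResult> Delete(DeleteCommentInputModel input)
{
    if (!await this.commentsService.CommentExists(input.Id))
    {
        return this.NotFound();
    }

    // Presumably ASP.NET Core Identity's UserManager: GetUserAsync yields null when the principal
    // maps to no stored user, and the role lookup below cannot work without one.
    var user = await this.userManager.GetUserAsync(this.User);
    if (user == null)
    {
        return this.Unauthorized();
    }

    var isAdmin = await this.userManager.IsInRoleAsync(user, GlobalConstants.AdministratorRoleName);

    // Materialize once so the set that is authorized is exactly the set that is deleted.
    var commentAndChildren = System.Linq.Enumerable.ToList(
        await this.commentsService.GetAllCommentChildrenById<DeleteCommentInputModel>(input.Id));

    // Pass 1: authorization only. Administrators skip the per-comment authorship lookups.
    if (!isAdmin)
    {
        foreach (var comment in commentAndChildren)
        {
            if (!await this.commentsService.IsUserCommentAuthor(comment.Id, user.Id))
            {
                // Same status code the action has always used for a refused delete.
                return this.BadRequest();
            }
        }
    }

    // Pass 2: mutation, reached only when every comment in the set passed the check above.
    foreach (var comment in commentAndChildren)
    {
        await this.commentsService.DeleteAsync(comment.Id);
    }

    return this.RedirectToAction("ById", "Posts", new { Id = input.PostId });
}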
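/// <summary>
/// Deletes the comment <c>input.Id</c> from post <c>input.PostId</c> when the current user is named as
/// the comment author or the post author, then redirects to the post.
/// </summary>
/// <param name="input">Bound request model carrying the comment id, the post id and the two author user names.</param>
/// <returns>
/// 400 when the caller has no identity name or matches neither author name; otherwise a redirect to <c>Posts/ById</c>.
/// </returns>
/// <remarks>
/// NOTE(review): <c>AuthorUserName</c> and <c>PostAuthorUserName</c> are read from the action's input model.
/// If they are populated by model binding from the request, the ownership decision rests on caller-supplied
/// values; the author names should be loaded server-side from <c>input.Id</c> / <c>input.PostId</c> before
/// comparing. No such lookup is visible on the service from here, so it is flagged rather than changed.
/// </remarks>
public async Task<IActionResult> Delete(DeleteCommentInputModel input)
{
    // A caller without an identity name must never pass the ownership test. Without this guard a
    // missing name on both sides compares equal and the request falls through to the delete.
    var currentUserName = this.User?.Identity?.Name;
    if (string.IsNullOrEmpty(currentUserName))
    {
        return this.BadRequest();
    }

    var isCommentAuthor = input.AuthorUserName == currentUserName;
    var isPostAuthor = input.PostAuthorUserName == currentUserName;
    if (!isCommentAuthor && !isPostAuthor)
    {
        return this.BadRequest();
    }

    await this.commentsService.Delete(input.PostId, input.Id);

    return this.RedirectToAction("ById", "Posts", new { id = input.PostId });
}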
/// <summary>
/// Removes comment <c>input.CommentId</c> from restaurant <c>input.Id</c> and reports the outcome through TempData.
/// </summary>
/// <param name="input">Bound request model: comment id, restaurant id and the restaurant name used for the redirect route.</param>
/// <returns>
/// Whatever <c>CheckIfValueIsNull</c> produces for the service's return value when that is non-null
/// (called with <c>CommentNotFound</c> and 404); otherwise a redirect to the <c>restaurant</c> route.
/// </returns>
/// <remarks>
/// NOTE(review): this action performs no ownership or role check of its own before calling the service.
/// Confirm that an [Authorize] attribute and/or the service restricts who may delete a given comment.
/// </remarks>
public async Task<IActionResult> Delete(DeleteCommentInputModel input)
{
    var deletedId = await this.commentService.DeleteCommentFromRestaurantAsync(input.CommentId, input.Id);

    // The helper decides whether the service's return value counts as "not found".
    var notFoundResult = this.CheckIfValueIsNull(deletedId, CommentNotFound, 404);
    if (notFoundResult == null)
    {
        this.TempData[SuccessNotification] = SuccessfullyDeletedCommentFromRestaurant;

        return this.RedirectToRoute("restaurant", new { id = input.Id, name = input.Name });
    }

    this.TempData[ErrorNotification] = CommentNotFound;

    return notFoundResult;
}
/// <summary>
/// Deletes comment <c>data.Id</c> when the caller is its author or holds the administrator role.
/// </summary>
/// <param name="data">Form-bound model; only <c>Id</c> is read here.</param>
/// <returns>200 with the deleted comment id on success; 401 when the caller is neither the author nor an administrator.</returns>
/// <remarks>
/// The author id comes from <c>TakeAuthorIdAsync</c>, not from the request, and is compared with the
/// caller's NameIdentifier claim.
/// NOTE(review): an authenticated caller who is simply not allowed also receives 401; 403 is the usual
/// status for that case. Confirm what clients expect before changing it.
/// NOTE(review): the author lookup runs before the authentication test, so unauthenticated requests
/// still reach the service. Confirm whether an [Authorize] attribute outside this view prevents that.
/// </remarks>
public async Task<ActionResult> Delete([FromForm] DeleteCommentInputModel data)
{
    var callerId = this.User.FindFirstValue(ClaimTypes.NameIdentifier);
    var authorId = await this.commentsService.TakeAuthorIdAsync(data.Id);

    // IsAuthenticated is part of the test so that two null ids never compare as "same user".
    var callerIsAuthor = this.User.Identity.IsAuthenticated && callerId == authorId;

    if (!callerIsAuthor && !this.User.IsInRole(GlobalConstants.AdministratorRoleName))
    {
        return this.Unauthorized();
    }

    await this.commentsService.DeleteCommentAsync(data.Id);

    return this.Ok(data.Id);
}