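/// <summary>
/// Deletes the employee with the given id when the caller is in the "Admin" role
/// or holds a "Nursery" claim whose value matches the employee's nursery id.
/// </summary>
/// <param name="id">Identifier of the employee to delete.</param>
/// <returns>
/// A JSON object with a <c>Message</c> property on success or on an internal failure;
/// otherwise a JSON string with HTTP status 401 when the caller is not permitted to delete.
/// </returns>
/// <remarks>
/// NOTE(review): this is a state-changing action. The attributes on it are not visible here;
/// confirm it is restricted to a non-GET verb and covered by anti-forgery validation.
/// </remarks>
public JsonResult Delete(int id)
{
    try
    {
        bool isAuthorized = User.IsInRole("Admin");

        if (!isAuthorized)
        {
            // Read the caller's nursery claims first so the repository is only queried
            // when there is something to compare against, and only once per request
            // (the original queried it once per claim inside the predicate).
            var nurseryClaimValues = User.FindAll("Nursery").Select(claim => claim.Value).ToList();
            if (nurseryClaimValues.Count > 0)
            {
                var employeeNurseryId = _repository.GetEmployeeNurseryId(id).ToString();
                isAuthorized = nurseryClaimValues.Contains(employeeNurseryId);
            }
        }

        if (isAuthorized)
        {
            _repository.DeleteEmployee(id);
            return Json(new { Message = "Deleted" });
        }
    }
    catch (Exception ex)
    {
        // Keep the exception details server-side. Concatenating the exception into the
        // response sends its type, message and stack trace to the client, which can
        // expose internal paths and data-access details.
        // NOTE(review): route this through the application's logger if one is available.
        System.Diagnostics.Trace.TraceError("Delete employee {0} failed: {1}", id, ex);

        // The response status is left unchanged for compatibility with existing callers
        // that read the Message property; only the leaked detail is removed.
        return Json(new { Message = "Unable to delete: an internal error occurred" });
    }

    // 401 is kept for compatibility with existing callers.
    // NOTE(review): for an authenticated caller lacking permission, 403 is the more accurate status.
    Response.StatusCode = (int)HttpStatusCode.Unauthorized;
    return Json("Unauthorized to delete this employee");
}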