public async Task <IActionResult> Edit(int id, NewsMinifiedBindingModel model)
{
var userId = this.userManager.GetUserId(User);
var newsAuthorId = await this.news.AuthorId(id);
if (newsAuthorId != userId && !User.IsInRole("Administrator"))
{
return(BadRequest());
}
await this.news.Edit(id, model.Title, model.Description, model.ImageUrl);
return(RedirectToAction(nameof(All)));
}
public async Task <IActionResult> Delete(int id, NewsMinifiedBindingModel model)
{
var userId = this.userManager.GetUserId(User);
var newsAuthorId = await this.news.AuthorId(id);
if (newsAuthorId != userId && !User.IsInRole("Administrator"))
{
return(BadRequest());
}
var success = await this.news.Delete(id);
if (!success)
{
return(BadRequest());
}
return(RedirectToAction(nameof(All)));
}
