public IHttpActionResult ClearApplicationData(string applicationId) { AccountController account = new AccountController(_employerService, _organizationService, _identityService); account.UserManager = UserManager; var userInfo = account.GetUserInfo(); // make sure user has rights to the Applicaion var hasPermission = _identityService.HasSavePermission(userInfo, applicationId); if (!hasPermission) { Unauthorized("Unauthorized"); } var user = UserManager.Users.SingleOrDefault(s => s.Id == userInfo.UserId); var organization = user.Organizations.FirstOrDefault(x => x.ApplicationId == applicationId && x.ApplicationStatusId != StatusIds.Submitted); // Clear Application Information if (organization != null) { // Remove application from application save table DateTime now = DateTime.UtcNow; var state = "{\"saved\":\"" + now.ToString("yyyy-MM-ddTHH\\:mm\\:ssZ") + "\"}"; _saveService.AddOrUpdate(organization.ApplicationId, organization.ApplicationId, organization.Employer_Id, state); // Soft delete application attachements _attachmentService.DeleteApplicationAttachements(applicationId); } else { ExpectationFailed(string.Format("Cannot clear this application. Application Id: {0}", applicationId)); } return(Ok()); }