public async Task <IActionResult> Delete([FromQuery] string viewId) { // Validate if (string.IsNullOrEmpty(viewId)) { return(BadRequest("View-ID not specified")); } var view = await viewManager.GetView(viewId); if (view == null) { return(NotFound()); } // Authroize var loggedInUsername = UsernameNormalizer.Normalize(HttpContext.User.Identity.Name); var dataType = DetermineViewCollection(view.Query); var resourceDescription = new DeleteViewResourceDescription(view.Submitter, dataType); var authorizationResult = await authorizationModule.AuthorizeAsync(resourceDescription, loggedInUsername); if (!authorizationResult.IsAuthorized) { return(new ContentResult { Content = "Not authorized", ContentType = "text/plain", StatusCode = (int)HttpStatusCode.Unauthorized }); } await viewManager.DeleteViewAsync(viewId); return(Ok()); }