public HttpResponseMessage Delete(int id, ServiceModel.DeleteTeamViewModel deleteParameters) { if (!ModelState.IsValid) { return(new HttpResponseMessage <JsonValue>(ModelState.ToJson(), HttpStatusCode.BadRequest)); } var team = context.GetAll <DomainModel.Team>() .FirstOrDefault(u => u.Id == id); //rest spec says we should not throw an error in this case ( delete requests should be idempotent) if (team == null) { throw new HttpResponseException("Invalid Team", HttpStatusCode.BadRequest); } var editor = team.TeamMembers .FirstOrDefault(tm => tm.Role == DomainModel.TeamUserRole.Administrator && tm.UserId == deleteParameters.UserId); if (editor == null) { ModelState.AddModelError("", "User does not have permissions to edit team"); return(new HttpResponseMessage <JsonValue>(ModelState.ToJson(), HttpStatusCode.BadRequest)); } context.Delete(team); context.SaveChanges(); return(new HttpResponseMessage(HttpStatusCode.NoContent)); }
public HttpResponseMessage Delete(int id, ServiceModel.DeleteTeamViewModel viewModel) { if (!ModelState.IsValid) { throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.BadRequest, ModelState.ToJson().ToString())); } //get team var team = GetTeam(id); var editor = team.Members .FirstOrDefault(tm => tm.Role == DomainModel.TeamUserRole.Administrator && tm.UserId == viewModel.UserId); if (editor == null) { throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.BadRequest, "User does not have permissions to delete team")); } context.Delete(team); context.SaveChanges(); return(new HttpResponseMessage(HttpStatusCode.NoContent)); }