public ActionResult DeleteMessage(int messageId, string username) { var message = messageDal.GetMessage(messageId); if (message == null) { // message does not exist by that id return(new HttpNotFoundResult()); } return(View("DeleteMessage", message)); }
public ActionResult DeleteMessage(int messageId, string username) { var message = messageDal.GetMessage(messageId); if (message == null) { // message does not exist by that id return(new HttpNotFoundResult()); } if (message.Sender.ToLower() != username.ToLower()) { return(new HttpStatusCodeResult(HttpStatusCode.Forbidden)); } return(View("DeleteMessage", message)); }