Exemplo n.º 1
0
        // GET: Profile/Delete/5
        public ActionResult Delete(int?id)
        {
            if (_rolesManager.SetCurrentEmployee(_employeeDataAccess, GetCurrentUserEmail()))
            {
                var accessLevel = _rolesManager.IdentifyRole();
                if (accessLevel == "FullAccess")
                {
                    if (id == null)
                    {
                        return(new HttpStatusCodeResult(HttpStatusCode.BadRequest));
                    }

                    var profile = _profileDataAccess.GetProfileById(id);
                    if (profile == null)
                    {
                        return(HttpNotFound());
                    }

                    _profileDataAccess.DeleteProfile(profile);
                    return(RedirectToAction("Index", "Employees"));
                }

                ViewBag.ErrorMsg = "You are not authorized to view this page";
                return(View("Error"));
            }

            ViewBag.ErrorMsg = "You are not registered on our system. Plz contact the system administrator if u think this is wrong.";
            return(View("Error"));
        }