public async Task <IHttpActionResult> Delete(int id)
{
try
{
var currentUser = await GetCurrentUser();
NoteBLL bll = new NoteBLL(_unit);
bool isAdmin = await AppUserManager.IsInRoleAsync(currentUser.Id, "Admin");
if (isAdmin)
{
bll.Delete(id);
}
else
{
var w = bll.GetByID(id);
if (w.CreatedBy == currentUser.Id)
{
bll.Delete(id);
}
else
{
BadRequest("You don't have permission to delete this note.");
}
}
}
catch (Exception ex)
{
LogHelper.Error(_log, ex.ToString());
return(InternalServerError(ex));
}
return(Ok());
}
