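/// <summary>
/// Handles a delete-user request by delegating to the user service.
/// </summary>
/// <param name="userDeleteInputDTO">Request body, passed to the service unchanged.</param>
/// <param name="userId">Id passed to the service as the user performing the delete.</param>
/// <returns>
/// A <see cref="CommonSuccessMessageOutputDTO"/> with <c>Success = true</c> when the service call completes;
/// HTTP 403 when the service throws <see cref="UnauthorizedAccessException"/>; HTTP 400 for any other failure.
/// </returns>
public async Task<ActionResult<CommonSuccessMessageOutputDTO>> DeleteUser([FromBody] UserDeleteInputDTO userDeleteInputDTO, int userId)
{
    // NOTE(review): userId arrives as an action parameter and no binding or [Authorize]
    // attribute is visible in this view. If it is client-supplied rather than derived from
    // the authenticated principal, the permission check downstream runs against an identity
    // the caller chose. Confirm how this value is bound.
    try
    {
        await this.userService.DeleteUser(userDeleteInputDTO, userId);
        return new CommonSuccessMessageOutputDTO() { Success = true };
    }
    catch (UnauthorizedAccessException ex)
    {
        // An authorization failure is not a malformed request: report 403 so clients,
        // gateways and log-based alerting can tell denied deletes from bad input.
        return StatusCode(403, new { message = new List<string> { ex.Message } });
    }
    catch (Exception ex)
    {
        // NOTE(review): ex.Message of any exception type is echoed to the client here;
        // messages from lower layers may expose internal detail. Consider logging the
        // exception server-side and returning a fixed message.
        return BadRequest(new { message = new List<string> { ex.Message } });
    }
}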
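/// <summary>
/// Deletes the user named in <paramref name="userDeleteInputDTO"/> after checking that the
/// requesting user is allowed to delete.
/// </summary>
/// <param name="userDeleteInputDTO">Carries the <c>UserId</c> of the user to delete.</param>
/// <param name="userId">Id of the user that sent the delete request; used for the permission check.</param>
/// <returns>A task that completes when the delete has been issued to the repository.</returns>
/// <exception cref="ArgumentNullException"><paramref name="userDeleteInputDTO"/> is null.</exception>
/// <exception cref="UnauthorizedAccessException">
/// The requesting user could not be loaded, or is a business user without the delete permission.
/// </exception>
public async Task DeleteUser(UserDeleteInputDTO userDeleteInputDTO, int userId)
{
    if (userDeleteInputDTO == null)
    {
        throw new ArgumentNullException(nameof(userDeleteInputDTO));
    }

    const string accessDeniedMessage = "User don't have access to perform delete operation";

    // Get the user that sent the delete request.
    UserEntity loggedInUser = await this.userRepository.GetUser(userId);
    if (loggedInUser == null)
    {
        // Fail closed: a requester that cannot be resolved must not reach the delete.
        // Without this guard a null result would surface as a NullReferenceException on .Role.
        throw new UnauthorizedAccessException(accessDeniedMessage);
    }

    // NOTE(review): every role other than BusinessUser is allowed by default, so a role
    // added to Roles later would inherit delete rights. Consider an explicit allow-list;
    // confirm against the Roles definition.
    bool hasAccessToDelete = true;
    if (loggedInUser.Role == Roles.BusinessUser)
    {
        // Business users need an access record with the Delete flag set; no record means no access.
        UserAccessEntity userAccess = await this.userAccessRepository.GetUserAccess(userId);
        hasAccessToDelete = userAccess != null && userAccess.Delete;
    }

    if (!hasAccessToDelete)
    {
        throw new UnauthorizedAccessException(accessDeniedMessage);
    }

    await this.userRepository.DeleteUser(userDeleteInputDTO.UserId);
}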