public HttpResponseMessage DeleteMovie(int number) { try { var userName = User.Identity.Name; if (!CinemaService.IsAdmin(userName)) { throw (new UnauthorizedAccessException("The access is only for admins")); } CinemaService.DeleteMovie(number); return(Request.CreateResponse(HttpStatusCode.OK, true)); } catch (Exception ex) { return(Request.CreateResponse(HttpStatusCode.Forbidden, ex.Message)); } }