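/// <summary>
/// Deletes a journal comment on behalf of the current user.
/// </summary>
/// <remarks>
/// Deletion is permitted when the caller wrote the comment, owns the journal item named in the
/// request, or is in the portal administrator role. Both ids arrive from the client, so the
/// comment is first bound to the journal item it was loaded with; otherwise ownership of one
/// journal item could be used to authorize deleting a comment that belongs to a different one.
/// NOTE(review): no action attributes are visible in this listing. Confirm that the endpoint
/// requires an authenticated user and anti-forgery validation.
/// </remarks>
/// <param name="postData">Request body carrying the comment id and the journal id.</param>
/// <returns>
/// 200 with <c>Result = "success"</c> when the comment is deleted; 400 for a missing body or a
/// comment/journal mismatch; 401 when the caller is not allowed to delete; 500 otherwise.
/// </returns>
public HttpResponseMessage CommentDelete(CommentDeleteDTO postData)
        {
            // A missing body used to surface as a NullReferenceException and a 500 with exception data.
            if (postData == null)
            {
                return Request.CreateErrorResponse(HttpStatusCode.BadRequest, "invalid request");
            }

            try
            {
                var comment = JournalController.Instance.GetComment(postData.CommentId);
                if (comment == null)
                {
                    // Status and message kept as in the original so existing clients see no change.
                    return Request.CreateErrorResponse(HttpStatusCode.InternalServerError, "delete failed");
                }

                var journalItem = JournalController.Instance.GetJournalItem(ActiveModule.OwnerPortalID, UserInfo.UserID, postData.JournalId);
                if (journalItem == null)
                {
                    return Request.CreateErrorResponse(HttpStatusCode.InternalServerError, "invalid request");
                }

                // The journal-owner rule below is only meaningful if the comment really belongs to
                // that journal item. Whether DeleteComment enforces the pairing is not visible here,
                // so it is checked before any authorization decision is made.
                if (comment.JournalId != postData.JournalId)
                {
                    return Request.CreateErrorResponse(HttpStatusCode.BadRequest, "invalid request");
                }

                var currentUserId = UserInfo.UserID;
                var mayDelete = comment.UserId == currentUserId
                    || journalItem.UserId == currentUserId
                    || UserInfo.IsInRole(PortalSettings.AdministratorRoleName);

                if (!mayDelete)
                {
                    // 401 is what the original returned for an authorization failure; kept for compatibility.
                    return Request.CreateErrorResponse(HttpStatusCode.Unauthorized, "access denied");
                }

                JournalController.Instance.DeleteComment(postData.JournalId, postData.CommentId);
                return Request.CreateResponse(HttpStatusCode.OK, new { Result = "success" });
            }
            catch (Exception exc)
            {
                // Full details go to the server log only. Passing the exception object to the
                // response can expose messages and stack traces to the caller, depending on the
                // host's error-detail policy.
                Logger.Error(exc);
                return Request.CreateErrorResponse(HttpStatusCode.InternalServerError, "delete failed");
            }
        }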
示例#2
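        /// <summary>
        /// Deletes a journal comment when the caller is its author or a portal administrator.
        /// </summary>
        /// <remarks>
        /// The authorization decision is made on the comment loaded by <c>CommentId</c>, while
        /// <c>JournalId</c> is taken from the request and handed to the delete call. The two are
        /// therefore checked against each other first, so that a caller cannot pair an authorized
        /// comment with an arbitrary journal id.
        /// NOTE(review): no action attributes are visible in this listing. Confirm that the endpoint
        /// requires an authenticated user and anti-forgery validation.
        /// </remarks>
        /// <param name="postData">Request body carrying the comment id and the journal id.</param>
        /// <returns>
        /// 200 with <c>Result = "success"</c> when the comment is deleted; 400 for a missing body or a
        /// comment/journal mismatch; 401 when the caller is not allowed to delete; 500 otherwise.
        /// </returns>
        public HttpResponseMessage CommentDelete(CommentDeleteDTO postData)
        {
            // A missing body used to surface as a NullReferenceException and a 500 with exception data.
            if (postData == null)
            {
                return Request.CreateErrorResponse(HttpStatusCode.BadRequest, "invalid request");
            }

            try
            {
                var comment = JournalController.Instance.GetComment(postData.CommentId);
                if (comment == null)
                {
                    // Status and message kept as in the original so existing clients see no change.
                    return Request.CreateErrorResponse(HttpStatusCode.InternalServerError, "delete failed");
                }

                // JournalId is client-supplied and otherwise unverified. How DeleteComment treats a
                // mismatched pair is not visible here, so it is rejected up front.
                if (comment.JournalId != postData.JournalId)
                {
                    return Request.CreateErrorResponse(HttpStatusCode.BadRequest, "invalid request");
                }

                var isAuthor = comment.UserId == UserInfo.UserID;
                if (!isAuthor && !UserInfo.IsInRole(PortalSettings.AdministratorRoleName))
                {
                    // 401 is what the original returned for an authorization failure; kept for compatibility.
                    return Request.CreateErrorResponse(HttpStatusCode.Unauthorized, "access denied");
                }

                JournalController.Instance.DeleteComment(postData.JournalId, postData.CommentId);
                return Request.CreateResponse(HttpStatusCode.OK, new { Result = "success" });
            }
            catch (Exception exc)
            {
                // Full details go to the server log only. Passing the exception object to the
                // response can expose messages and stack traces to the caller, depending on the
                // host's error-detail policy.
                Logger.Error(exc);
                return Request.CreateErrorResponse(HttpStatusCode.InternalServerError, "delete failed");
            }
        }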