public async Task Delete(string orgId, string id) { var user = await _subvaultUserRepository.GetByIdAsync(new Guid(id)); if (user == null) { throw new NotFoundException(); } // TODO: permission check await _subvaultUserRepository.DeleteAsync(user); }
public async Task Delete(string orgId, string id) { var user = await _subvaultUserRepository.GetByIdAsync(new Guid(id)); if (user == null) { throw new NotFoundException(); } var subvault = await _subvaultRepository.GetByIdAsync(user.SubvaultId); if (subvault == null || !_currentContext.OrganizationAdmin(subvault.OrganizationId)) { throw new NotFoundException(); } await _subvaultUserRepository.DeleteAsync(user); }