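/// <summary>
/// Deletes one note belonging to <paramref name="user"/> and returns to that user's note list.
/// </summary>
/// <param name="user">User name whose note is being deleted; also the target of the relationship checks.</param>
/// <param name="noteID">Identifier of the note to delete.</param>
/// <param name="nothing">Not read by this action; presumably kept to disambiguate an overload (confirm with callers).</param>
/// <returns>
/// A redirect to <c>~/Unauthorized</c> when the caller fails either authorization gate,
/// <c>HttpNotFound</c> when the note does not exist or was not created by <paramref name="user"/>,
/// otherwise a redirect to the <c>List</c> action for <paramref name="user"/>.
/// </returns>
/// <remarks>
/// NOTE(review): this action changes state. The attributes on this method are not visible here;
/// confirm it is restricted to POST and carries [ValidateAntiForgeryToken] so it cannot be
/// triggered by a cross-site GET.
/// </remarks>
public ActionResult Delete(string user, int noteID, int nothing = 0)
{
    bool isAdministrator = Roles.IsUserInRole("Administrator");

    // Gate 1: coarse role check. Only these three roles may reach the delete path at all.
    bool hasPermittedRole = isAdministrator
        || Roles.IsUserInRole("Job Coach")
        || Roles.IsUserInRole("Parent");
    if (!hasPermittedRole)
    {
        // Return the redirect as the action result so nothing below can run, instead of
        // relying on Response.Redirect ending the request before the next statement.
        return Redirect("~/Unauthorized");
    }

    // Gate 2: relationship check against the specific target user.
    // The earlier condition was !(Administrator && !coach && !parent), which rejected every
    // job coach and parent admitted by gate 1 and also any administrator linked to the user.
    // The caller must be an administrator OR this user's job coach OR this user's parent.
    bool mayActOnUser = isAdministrator
        || accountHelper.isThisUserUsersJobCoach(user)
        || accountHelper.isThisUserUsersParent(user);
    if (!mayActOnUser)
    {
        return Redirect("~/Unauthorized");
    }

    Note note = helper.getNote(noteID);

    // Bind noteID to the authorized user: a caller cleared for one user must not be able to
    // delete another user's note by supplying its id. Missing and foreign notes both return
    // 404, so the response does not distinguish between them.
    if (note == null || !helper.createdByUser(note, user))
    {
        return HttpNotFound();
    }

    helper.deleteNote(note);
    return RedirectToAction("List", new { user = user });
}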