public void ApiDeleteBlog( string id, string apiKey ) { using ( Rock.Data.UnitOfWorkScope uow = new Rock.Data.UnitOfWorkScope() ) { Rock.CMS.UserService userService = new Rock.CMS.UserService(); Rock.CMS.User user = userService.Queryable().Where( u => u.ApiKey == apiKey ).FirstOrDefault(); if (user != null) { uow.objectContext.Configuration.ProxyCreationEnabled = false; Rock.CMS.BlogService BlogService = new Rock.CMS.BlogService(); Rock.CMS.Blog Blog = BlogService.Get( int.Parse( id ) ); if ( Blog.Authorized( "Edit", user ) ) { BlogService.Delete( Blog, user.PersonId ); BlogService.Save( Blog, user.PersonId ); } else throw new WebFaultException<string>( "Not Authorized to Edit this Blog", System.Net.HttpStatusCode.Forbidden ); } else throw new WebFaultException<string>( "Invalid API Key", System.Net.HttpStatusCode.Forbidden ); } }
public void DeleteBlog( string id ) { var currentUser = Rock.CMS.UserService.GetCurrentUser(); if ( currentUser == null ) throw new WebFaultException<string>("Must be logged in", System.Net.HttpStatusCode.Forbidden ); using ( Rock.Data.UnitOfWorkScope uow = new Rock.Data.UnitOfWorkScope() ) { uow.objectContext.Configuration.ProxyCreationEnabled = false; Rock.CMS.BlogService BlogService = new Rock.CMS.BlogService(); Rock.CMS.Blog Blog = BlogService.Get( int.Parse( id ) ); if ( Blog.Authorized( "Edit", currentUser ) ) { BlogService.Delete( Blog, currentUser.PersonId ); BlogService.Save( Blog, currentUser.PersonId ); } else throw new WebFaultException<string>( "Not Authorized to Edit this Blog", System.Net.HttpStatusCode.Forbidden ); } }