public async Task <IActionResult> DeleteConfirmed(int id)
{
SkillDeleteModel model = await _mediator.SendAsync(new SkillDeleteQueryAsync { Id = id });
if (model == null)
{
return(HttpNotFound());
}
// security check to ensure the skill belongs to the same org as the org admin
if (!User.IsUserType(UserType.SiteAdmin))
{
var organizationId = User.GetOrganizationId();
// security check to ensure the skill belongs to the same org as the org admin
if (!organizationId.HasValue || model.OwningOrganizationId != organizationId)
{
return(new HttpUnauthorizedResult());
}
}
await _mediator.SendAsync(new SkillDeleteCommandAsync { Id = id });
return(RedirectToAction("Index", new { area = "Admin" }));
}
private static Mock <IMediator> MockMediatorSkillDeleteQuery(out SkillController controller, SkillDeleteModel model = null)
{
if (model == null)
{
model = new SkillDeleteModel {
HierarchicalName = "Name"
}
}
;
var mockMediator = new Mock <IMediator>();
mockMediator.Setup(mock => mock.SendAsync(It.IsAny <SkillDeleteQueryAsync>())).Returns(() => Task.FromResult(model)).Verifiable();
controller = new SkillController(mockMediator.Object);
return(mockMediator);
}
public async Task <IActionResult> Delete(int id)
{
SkillDeleteModel model = await _bus.SendAsync(new SkillDeleteQueryAsync { Id = id });
if (model == null)
{
return(HttpNotFound());
}
// security check to ensure the skill belongs to the same org as the org admin
if (!User.IsUserType(UserType.SiteAdmin))
{
var organizationId = User.GetOrganizationId();
// security check to ensure the skill belongs to the same org as the org admin
if (!organizationId.HasValue || model.OwningOrganizationId != organizationId)
{
return(new HttpUnauthorizedResult());
}
}
return(View("Delete", model));
}
