/// <summary>
/// Deletes the skill identified by <paramref name="id"/> once the caller has passed the
/// organization-ownership check.
/// </summary>
/// <param name="id">Identifier of the skill to delete.</param>
/// <returns>
/// A not-found result when the query returns no model; an unauthorized result when a caller who is
/// not a site admin has no organization id or one that differs from the skill's owning
/// organization; otherwise a redirect to the "Index" action in the "Admin" area.
/// </returns>
// NOTE(review): any attributes on this action are not visible in this listing. Confirm it is
// restricted to POST and validates an anti-forgery token, since it changes state.
public async Task<IActionResult> DeleteConfirmed(int id)
{
    // Load the skill first: the authorization decision below is made on this record,
    // while the delete command that follows carries only the id.
    SkillDeleteModel skill = await _mediator.SendAsync(new SkillDeleteQueryAsync { Id = id });
    if (skill == null)
    {
        return HttpNotFound();
    }

    // Tenant-isolation check: site admins may delete any skill; everyone else must belong
    // to the organization that owns it.
    bool isSiteAdmin = User.IsUserType(UserType.SiteAdmin);
    if (!isSiteAdmin)
    {
        var callerOrganizationId = User.GetOrganizationId();

        // A caller without an organization id is rejected before the ids are compared.
        bool callerOwnsSkill = callerOrganizationId.HasValue
            && skill.OwningOrganizationId == callerOrganizationId;
        if (!callerOwnsSkill)
        {
            // NOTE(review): this is a 401-style result for a caller who is presumably already
            // authenticated; a forbidden (403) result may describe the failure better. Confirm
            // against existing tests and callers before changing it.
            return new HttpUnauthorizedResult();
        }
    }

    await _mediator.SendAsync(new SkillDeleteCommandAsync { Id = id });

    return RedirectToAction("Index", new { area = "Admin" });
}
/// <summary>
/// Test helper: builds a mocked <c>IMediator</c> that answers every <c>SkillDeleteQueryAsync</c>
/// with a fixed model, and a <c>SkillController</c> wired to that mock.
/// </summary>
/// <param name="controller">Receives the controller constructed around the mocked mediator.</param>
/// <param name="model">
/// Model the mocked query returns. When null, a default model with only
/// <c>HierarchicalName = "Name"</c> set is used.
/// </param>
/// <returns>The mock, so the calling test can verify the query setup.</returns>
// NOTE(review): the default model leaves OwningOrganizationId at its default value, so tests of
// the organization-ownership check should pass their own model with that property set explicitly.
private static Mock<IMediator> MockMediatorSkillDeleteQuery(out SkillController controller, SkillDeleteModel model = null)
{
    SkillDeleteModel queryResult = model ?? new SkillDeleteModel { HierarchicalName = "Name" };

    var mediator = new Mock<IMediator>();
    mediator
        .Setup(m => m.SendAsync(It.IsAny<SkillDeleteQueryAsync>()))
        .Returns(() => Task.FromResult(queryResult))
        .Verifiable();

    controller = new SkillController(mediator.Object);
    return mediator;
}
/// <summary>
/// Shows the delete-confirmation view for the skill identified by <paramref name="id"/>, after
/// the caller has passed the organization-ownership check.
/// </summary>
/// <param name="id">Identifier of the skill whose deletion is to be confirmed.</param>
/// <returns>
/// A not-found result when the query returns no model; an unauthorized result when a caller who is
/// not a site admin has no organization id or one that differs from the skill's owning
/// organization; otherwise the "Delete" view bound to the loaded model.
/// </returns>
public async Task<IActionResult> Delete(int id)
{
    SkillDeleteModel skill = await _bus.SendAsync(new SkillDeleteQueryAsync { Id = id });
    if (skill == null)
    {
        return HttpNotFound();
    }

    // Tenant-isolation check: the view below exposes the model to the caller, so a caller who is
    // not a site admin must belong to the organization that owns the skill.
    // Nothing is deleted here, so the action that performs the delete has to repeat this
    // check itself (DeleteConfirmed in this listing does).
    bool isSiteAdmin = User.IsUserType(UserType.SiteAdmin);
    if (!isSiteAdmin)
    {
        var callerOrganizationId = User.GetOrganizationId();

        // A caller without an organization id is rejected before the ids are compared.
        bool callerOwnsSkill = callerOrganizationId.HasValue
            && skill.OwningOrganizationId == callerOrganizationId;
        if (!callerOwnsSkill)
        {
            return new HttpUnauthorizedResult();
        }
    }

    return View("Delete", skill);
}