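/// <summary>
/// Deletes one shopping-cart item on behalf of the user identified by <paramref name="userId"/>.
/// </summary>
/// <param name="userId">Id of the user the caller claims to act for; it is checked against the caller's identity.</param>
/// <param name="id">Id of the shopping-cart item to delete.</param>
/// <returns>
/// An Unauthorized result carrying an error payload when the authorization check fails;
/// otherwise a NoContent result once the delete call has returned.
/// </returns>
public ActionResult Delete(int userId, int id)
{
    // Presumably UserId is the Firebase UID taken from the caller's validated JWT; confirm where it is populated.
    var jwtFirebaseId = UserId;
    var authed = _userAuth.AuthorizeUserByUid(userId, jwtFirebaseId, _userRepo);
    if (!authed)
    {
        // NOTE(review): the caller is authenticated but not permitted here, which is conventionally 403 rather than 401.
        // The existing response is kept so clients that depend on it keep working.
        return Unauthorized(new { error = "User not authorized to perform operation" });
    }

    // NOTE(review): the check above ties the caller to userId, but the delete is keyed only by id.
    // Nothing visible here shows that cart item `id` belongs to `userId`, so ownership must be enforced
    // inside DeleteShoppingCartItem or by comparing the item's owner with userId before deleting.
    // Without that, a caller who passes their own userId could remove another user's cart item.
    //
    // Repository exceptions propagate to the caller unchanged. No catch block is used, because
    // catching only to `throw e;` would reset the stack trace and hide where the failure started.
    _cartRepo.DeleteShoppingCartItem(id);

    return NoContent();
}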
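/// <summary>
/// Deletes the user account identified by <paramref name="id"/>.
/// </summary>
/// <param name="id">Id of the user account to delete; also the id passed to the authorization check.</param>
/// <returns>
/// An Unauthorized result carrying an error payload when the authorization check fails;
/// otherwise a NoContent result once the delete call has returned.
/// </returns>
public ActionResult Delete(int id)
{
    // Presumably UserId is the Firebase UID taken from the caller's validated JWT; confirm where it is populated.
    var jwtFirebaseId = UserId;

    // Check whether the user is modifying their own account or is an Admin.
    var authed = _userAuth.AuthorizeUserByUid(id, jwtFirebaseId, _repo);
    if (!authed)
    {
        // NOTE(review): the message mentions only Admin, although the check above is described as
        // "own account or Admin". The caller is authenticated but not permitted, which is conventionally
        // 403 rather than 401. Both are kept as-is so existing clients keep working.
        return Unauthorized(new { error = "User not Admin" });
    }

    // Repository exceptions propagate to the caller unchanged. No catch block is used, because
    // catching only to `throw e;` would reset the stack trace and hide where the failure started.
    _repo.DeleteUser(id);

    return NoContent();
}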