Thursday, May 3, 2012

Thou shall not delete

Thou shall not delete:
Ouch!
public ActionResult DeleteComment(int id)
{
    var userComment = RavenSession.Load<UserComment>(id);

    if (userComment == null)
        return new HttpStatusCodeResult(204);

    var user = RavenSession.GetUser(User.Identity.Name);
    if (user == null || (user.Role != UserRole.Moderator && user.Role != UserRole.Admin))
        return new HttpStatusCodeResult(403, "You must be logged in as moderator or admin to be able to delete comments");

    RavenSession.Delete(user);

    return new HttpStatusCodeResult(204);
}
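The authorization check in the action above passes, and then `RavenSession.Delete(user)` removes the moderator's or admin's own user document while `userComment` stays in place. The following is an added example, not code from the original post: a corrected handler plus the regression check that would have caught the mistake. `FakeSession`, `Moderation` and `Check` are hypothetical stand-ins so the sample runs without RavenDB or ASP.NET MVC.

```csharp
using System;
using System.Collections.Generic;

// Hypothetical stand-ins for the post's types (assumptions, not RavenDB's API).
enum UserRole { Member, Moderator, Admin }
class User { public string Name { get; set; } = ""; public UserRole Role { get; set; } }
class UserComment { public int Id { get; set; } public string Text { get; set; } = ""; }

// In-memory session whose Delete(object) accepts any entity, like the original call site.
class FakeSession
{
    public readonly HashSet<object> Store = new HashSet<object>();
    public void Delete(object entity) => Store.Remove(entity);
}

static class Moderation
{
    // Same flow as the action above; returns the HTTP status it would send.
    public static int DeleteComment(FakeSession session, UserComment comment, User caller)
    {
        if (comment == null) return 204;
        if (caller == null || (caller.Role != UserRole.Moderator && caller.Role != UserRole.Admin))
            return 403;
        session.Delete(comment); // the comment, not the caller's user document
        return 204;
    }
}

static class Program
{
    static void Check(bool ok, string what) { if (!ok) throw new Exception("regression: " + what); }

    static void Main()
    {
        // Constructed sample data.
        var mod = new User { Name = "mod", Role = UserRole.Moderator };
        var member = new User { Name = "bob", Role = UserRole.Member };
        var comment = new UserComment { Id = 1, Text = "spam" };
        var session = new FakeSession();
        foreach (var doc in new object[] { mod, member, comment }) session.Store.Add(doc);

        // A caller without the moderator or admin role is refused and nothing is removed.
        Check(Moderation.DeleteComment(session, comment, member) == 403, "member must get 403");
        Check(session.Store.Contains(comment), "comment must survive a refused request");
        // A moderator removes the comment and keeps their own user document.
        Check(Moderation.DeleteComment(session, comment, mod) == 204, "moderator must get 204");
        Check(!session.Store.Contains(comment), "comment must be deleted");
        Check(session.Store.Contains(mod), "moderator's user document must survive");
        Console.WriteLine("ok");
    }
}
```

Swapping `session.Delete(comment)` back to the caller's user object makes the last two checks fail, which is the assertion the original action was missing.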


