Ouch!
public ActionResult DeleteComment(int id)
{
var userComment = RavenSession.Load<UserComment>(id);
if (userComment == null)
return new HttpStatusCodeResult(204);
var user = RavenSession.GetUser(User.Identity.Name);
if(user == null || (user.Role != UserRole.Moderator && user.Role != UserRole.Admin))
return new HttpStatusCodeResult(403, "You must be logged in as moderator or admin to be able to delete comments");
RavenSession.Delete(user);
return new HttpStatusCodeResult(204);
}
ICT4PE&D
No comments:
Post a Comment
Thank's!