diff --git a/modules/blogging/src/Volo.Blogging.Application/Volo/Blogging/Comments/CommentAppService.cs b/modules/blogging/src/Volo.Blogging.Application/Volo/Blogging/Comments/CommentAppService.cs index 6263159480..60f8ac1d46 100644 --- a/modules/blogging/src/Volo.Blogging.Application/Volo/Blogging/Comments/CommentAppService.cs +++ b/modules/blogging/src/Volo.Blogging.Application/Volo/Blogging/Comments/CommentAppService.cs @@ -80,8 +80,26 @@ namespace Volo.Blogging.Comments return ObjectMapper.Map(comment); } - [Authorize(BloggingPermissions.Comments.Delete)] public async Task DeleteAsync(Guid id) + { + var comment = await _commentRepository.GetAsync(id); + + if (CurrentUser.Id != comment.CreatorId) + { + await DeleteAsAdminAsync(id); + return; + } + + await DeleteCommentAsync(id); + } + + [Authorize(BloggingPermissions.Comments.Delete)] + private async Task DeleteAsAdminAsync(Guid id) + { + await DeleteCommentAsync(id); + } + + private async Task DeleteCommentAsync(Guid id) { await _commentRepository.DeleteAsync(id); diff --git a/modules/blogging/src/Volo.Blogging.Web/Pages/Blog/Posts/Detail.cshtml b/modules/blogging/src/Volo.Blogging.Web/Pages/Blog/Posts/Detail.cshtml index 71843c16d9..561f96bfc7 100644 --- a/modules/blogging/src/Volo.Blogging.Web/Pages/Blog/Posts/Detail.cshtml +++ b/modules/blogging/src/Volo.Blogging.Web/Pages/Blog/Posts/Detail.cshtml @@ -183,7 +183,7 @@ @L["Reply"] - @if (await Authorization.IsGrantedAsync(BloggingPermissions.Comments.Delete)) + @if (await Authorization.IsGrantedAsync(BloggingPermissions.Comments.Delete) || (CurrentUser.Id == commentWithRepliesDto.Comment.CreatorId)) { |