So, the question is how do we secure the controller actions so only authorized users would be able to delete the items.