public IActionResult Post([FromBody] CustomerDto model) { if (!_permissionService.Authorize(PermissionSystemName.Customers)) { return(Forbid()); } if (ModelState.IsValid) { model = _customerApiService.InsertOrUpdateCustomer(model); return(Created(model)); } return(BadRequest(ModelState)); }