public bool ResetPassword(string authenticationCookie, string userName, string newPassword, string userData) { string authUserName; ServiceUtils.Authenticate(_addin, authenticationCookie, out authUserName, null); if (string.Compare(authUserName, userName, true) == 0 || _addin.HasPermission(authUserName, PermissionsTable.Instance.CanManageUsers.Name, userData)) { return(_addin.ResetPassword(userName, newPassword, userData)); } else { //this should throw authorization exception ServiceUtils.Authorize(_addin, authUserName, PermissionsTable.Instance.CanManageUsers, null); return(false); } }