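/// <summary>
/// Updates the user profile described by <paramref name="personViewModel"/>.
/// The caller must be the owner of the profile (token object id equals the
/// profile id) or hold the <see cref="UserRole.Boardmember"/> or
/// <see cref="UserRole.Committeemember"/> role.
/// </summary>
/// <param name="personViewModel">Profile data bound from the request body; must carry a non-empty Id.</param>
/// <returns>
/// 200 with the updated profile on success; 400 "Invalid User" when the payload
/// is missing or has an empty Id, the caller's identity cannot be resolved, or
/// the caller is not allowed to edit the profile; 401 when the person service
/// reports failure; 422 with a generic error body when an exception is thrown.
/// </returns>
public async Task<ActionResult<PersonViewModel>> UpdateUserAsync([FromBody] PersonViewModel personViewModel)
{
    if (personViewModel == null || personViewModel.Id == Guid.Empty)
    {
        return BadRequest("Invalid User");
    }

    try
    {
        // Resolve the identity once so the oid lookup and the role checks all
        // look at the same object.
        ClaimsIdentity identity = HttpContext.User.Identity as ClaimsIdentity;
        string oid = IdentityHelper.GetOid(identity);
        if (oid == null || identity == null)
        {
            return BadRequest("Invalid User");
        }

        // Compare as GUIDs rather than as strings: Guid.ToString() always
        // yields lower-case "D" format, so a claim that differs only in casing
        // or formatting would otherwise lock the owner out of their own
        // profile. An oid that is not a GUID never matches (fails closed).
        bool isOwner = Guid.TryParse(oid, out Guid callerId) && callerId == personViewModel.Id;

        // Only the owner of a profile, a board member or a committee member
        // may update user data.
        // NOTE(review): an authorization failure is reported as 400 here;
        // 403 would be the conventional status. Left unchanged because
        // existing clients may depend on it.
        if (!isOwner
            && !UserHasRole(UserRole.Boardmember, identity)
            && !UserHasRole(UserRole.Committeemember, identity))
        {
            return BadRequest("Invalid User");
        }

        // NOTE(review): the whole request body is mapped onto the User. If
        // PersonViewModel carries role or other privileged fields, a profile
        // owner could change them on their own account through this path.
        // Confirm that CreateUser or personService.UpdatePersonAsync restricts
        // those fields for callers who are not board/committee members.
        User user = PersonViewModel.CreateUser(personViewModel, Extensions.GetInstance(b2CExtentionApplicationId));

        TaskResult<User> result = await personService.UpdatePersonAsync(user);
        if (!result.Succeeded)
        {
            // NOTE(review): a failed update is reported as 401 although the
            // caller has already passed the checks above; kept for
            // compatibility with existing clients.
            return Unauthorized();
        }

        return Ok(PersonViewModel.CreateVmFromUser(result.Data, Extensions.GetInstance(b2CExtentionApplicationId)));
    }
    catch (Exception ex)
    {
        // The exception itself goes to the log only; the response carries the
        // generic message so no internal detail reaches the client.
        // A separator was missing between the type name and "Error in".
        string message = $"{GetType().Name}: Error in {nameof(UpdateUserAsync)}";
        logger.LogError(ex, message);
        return UnprocessableEntity(new ErrorViewModel { Type = Type.Error, Message = message });
    }
}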