/// <summary>
        /// POST /api/customers
        /// </summary>
        /// <param name="data"></param>
        /// <returns></returns>
        public HttpResponseMessage Post(CustomerModel model)
        {
            var context = this.DbContext;

            if (!this.User.CanCreate<Customer>())
            {
                throw new HttpResponseException(new HttpResponseMessage(HttpStatusCode.Forbidden));
            }

            // transform the CustomerModel to Customer
            var entity = model.TransformTo<Customer>();

            // generate a new customer Id
            entity.Id = model.GenerateId();

            // add the entity
            context.Customers.Add(entity);

            // persist changes to the database
            context.SaveChanges();

            // fire the web event
            new CustomerCreatedEvent(entity).Raise();

            // create response
            var response = Request.CreateResponse<CustomerModel>(HttpStatusCode.Created, selector(entity));
            string uri = Url.Link("Api", new { id = entity.Id });
            response.Headers.Location = new Uri(uri);
            return response;
        }