public async Task <ActionResult> UpdateCollaboratorRole(string id, string userId, RoleType type) { var item = await _itemDbCommand.FindAsync(id); if (item == null) { return(HttpNotFound()); } if (!LogonUser.IsEntitledToEditItemCollaborators(item)) { return(new HttpStatusCodeResult(HttpStatusCode.Unauthorized)); } var targetCollaborator = item.Collaborators.FirstOrDefault(x => x.Id == userId); if (targetCollaborator == null) { throw new InvalidOperationException(); } targetCollaborator.Role = type; await _itemDbCommand.SaveCollaboratorsAsync(item); return(new HttpStatusCodeResult(HttpStatusCode.OK)); }