public async Task <ActionResult> Add([FromHeader] string Authentication, [FromQuery] string userId, [FromQuery] string groupId)
        {
            if (SessionManager.GetSessionState(Authentication) != SessionManager.SessionState.Authorized)
            {
                return(Unauthorized());
            }
            SessionInfo sessionInfo = SessionManager.GetSessionInfo(Authentication);

            if (sessionInfo == null)
            {
                return(Unauthorized());
            }

            int userIdInt  = 0;
            int groupIdInt = 0;

            if (!int.TryParse(userId, out userIdInt) || !int.TryParse(userId, out groupIdInt))
            {
                return(BadRequest("Bad id"));
            }

            using (UnitOfWork uow = new UnitOfWork())
            {
                MembershipRepository membershipRepo = new MembershipRepository(uow);
                MembershipDTO        membership     = await membershipRepo.GetByUserAndGroupId(userIdInt, groupIdInt);

                if (membership != null)
                {
                    if (membership.Status == 0 && userIdInt == sessionInfo.UserId)
                    {
                        membership.Status = 1;
                        await membershipRepo.Update(membership);
                    }
                    else
                    {
                        return(Ok());
                    }
                }
                else
                {
                    membership = new MembershipDTO
                    {
                        UserId  = userIdInt,
                        GroupId = groupIdInt,
                        Status  = 0
                    };
                    membership.Id = await membershipRepo.Add(membership);
                }

                uow.Commit();
                return(Ok(membership));
            }
        }
        public async Task <ActionResult> Delete([FromHeader] string Authentication, [FromQuery] string userId, [FromQuery] string groupId)
        {
            if (SessionManager.GetSessionState(Authentication) != SessionManager.SessionState.Authorized)
            {
                return(Unauthorized());
            }
            SessionInfo sessionInfo = SessionManager.GetSessionInfo(Authentication);

            if (sessionInfo == null)
            {
                return(Unauthorized());
            }


            int userIdInt  = 0;
            int groupIdInt = 0;

            if (!int.TryParse(userId, out userIdInt) || !int.TryParse(userId, out groupIdInt))
            {
                return(BadRequest("Bad id"));
            }

            using (UnitOfWork uow = new UnitOfWork())
            {
                MembershipRepository membershipsRepo = new MembershipRepository(uow);
                MembershipDTO        membership      = await membershipsRepo.GetByUserAndGroupId(userIdInt, groupIdInt);

                if (membership.Status == 3)
                {
                    return(BadRequest("cannot delete the owner"));
                }

                await membershipsRepo.Remove(membership.Id);

                uow.Commit();
                return(Ok());
            }
        }