Exemple #1
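        /// <summary>
        /// Creates a new user on behalf of the caller identified by the request's token.
        /// </summary>
        /// <param name="user">User to create, bound from the request body; null when nothing could be bound.</param>
        /// <returns>
        /// 200 OK when the user was added; 401 Unauthorized when the caller's role is not allowed to
        /// create users; 400 Bad Request when the body is null or when the token lookup or the user
        /// service throws UserNotExistException, InvalidOperationException or FormatException.
        /// </returns>
        public IHttpActionResult Create([FromBody] UserDTO user)
        {
            // Reject an unbound body before touching the token or the user service.
            if (user == null)
            {
                string badBodyMessage = "El formato de usuario es incorrecto";
                return ResponseMessage(this.Request.CreateResponse(HttpStatusCode.BadRequest, badBodyMessage));
            }

            // No placeholder HttpResponseMessage is allocated up front: every path below assigns
            // its own response, so a pre-built instance would only be discarded undisposed.
            HttpResponseMessage response;

            try
            {
                Guid token = this.GetToken();
                UserDTO userLogged = this.userService.GetUserLoggedIn(token);
                PermissionHandler permissionHandler = new PermissionHandler();

                // Fail closed: GetUserLoggedIn is not visible here, so if it can return null the
                // caller is treated as not permitted instead of dereferencing a null user.
                bool callerMayCreate = userLogged != null
                    && permissionHandler.IsUserAllowedToCreateUser(userLogged.Role);

                if (callerMayCreate)
                {
                    // NOTE(review): UserDTO exposes Role (read from userLogged above), so the body
                    // can name the new account's role. The check above only covers whether the
                    // caller may create users at all; confirm AddUser limits which roles can be granted.
                    this.userService.AddUser(user);
                    response = this.Request.CreateResponse(HttpStatusCode.OK);
                }
                else
                {
                    // NOTE(review): the caller is authenticated but lacks permission, which is
                    // conventionally 403 Forbidden. Kept as 401 because clients may depend on it.
                    response = this.Request.CreateResponse(HttpStatusCode.Unauthorized, "El usuario no tiene permisos para ejecutar esta accion");
                }
            }
            catch (UserNotExistException e)
            {
                // NOTE(review): the exception text is echoed to the client; confirm it never
                // carries internal detail.
                response = this.Request.CreateResponse(HttpStatusCode.BadRequest, e.Message);
            }
            catch (InvalidOperationException)
            {
                // NOTE(review): this handler covers the whole try block, so an
                // InvalidOperationException raised by the user service would also be reported
                // as a missing authentication header.
                string message = "No se ha enviado header de autenticación.";
                response = this.Request.CreateResponse(HttpStatusCode.BadRequest, message);
            }
            catch (FormatException)
            {
                string message = "El token enviado no tiene un formato valido.";
                response = this.Request.CreateResponse(HttpStatusCode.BadRequest, message);
            }

            return ResponseMessage(response);
        }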