public IHttpActionResult Create([FromBody] UserDTO user) { HttpResponseMessage response = new HttpResponseMessage(); if (user != null) { try { Guid token = this.GetToken(); UserDTO userLogged = this.userService.GetUserLoggedIn(token); PermissionHandler permissionHandler = new PermissionHandler(); if (permissionHandler.IsUserAllowedToCreateUser(userLogged.Role)) { this.userService.AddUser(user); response = this.Request.CreateResponse(HttpStatusCode.OK); } else { response = this.Request.CreateResponse(HttpStatusCode.Unauthorized, "El usuario no tiene permisos para ejecutar esta accion"); } } catch (UserNotExistException e) { response = this.Request.CreateResponse(HttpStatusCode.BadRequest, e.Message); } catch (InvalidOperationException) { string message = "No se ha enviado header de autenticación."; response = this.Request.CreateResponse(HttpStatusCode.BadRequest, message); } catch (FormatException) { string message = "El token enviado no tiene un formato valido."; response = this.Request.CreateResponse(HttpStatusCode.BadRequest, message); } } else { string message = "El formato de usuario es incorrecto"; response = this.Request.CreateResponse(HttpStatusCode.BadRequest, message); } return(ResponseMessage(response)); }