public async Task <IActionResult> UpdateBuilder(string builderId, [FromBody] BuilderUpdateModel builderUpdateModel)
{
var currentUserId = User.Identity.Name;
try
{
if (User.IsInRole(Role.Admin))
{
await _buildersService.UpdateBuilderFromAdminAsync(builderId, builderUpdateModel);
}
else if (User.IsInRole(Role.Builder))
{
await _buildersService.UpdateBuilderFromBuilderAsync(currentUserId, builderId, builderUpdateModel);
}
else
{
return(Forbid("You must be part of the Buildup program"));
}
}
catch (UnauthorizedAccessException e)
{
return(Forbid($"You are not authorized to update this builder: {e.Message}"));
}
catch (Exception e)
{
return(BadRequest($"Can't update the builder: {e.Message}"));
}
return(Ok());
}
