public IHttpActionResult GetSave(string EIN) { // make sure user has rights to the EIN var hasEINClaim = _identityService.UserHasEINClaim(User, EIN); if (!hasEINClaim) { return(Unauthorized()); } var applicationSave = _saveService.GetSave(EIN); if (applicationSave != null) { return(Ok(applicationSave.ApplicationState)); } return(NotFound()); }
public IHttpActionResult GetSave(string applicationId) { AccountController account = new AccountController(_employerService, _organizationService, _identityService); account.UserManager = UserManager; var userInfo = account.GetUserInfo(); // make sure user has rights to the Applicaion var hasPermission = _identityService.HasSavePermission(userInfo, applicationId); if (!hasPermission) { Unauthorized("Unauthorized"); } var applicationSave = _saveService.GetSave(applicationId); if (applicationSave == null) { NotFound("Application Not found"); } return(Ok(applicationSave.ApplicationState)); }