public IHttpActionResult Put(long id, [FromBody] UserData userData) { string token = GetAuthToken(); IHttpActionResult validation = Validate(token, id); if (validation != null) { return(validation); } if (userData == null) { return(BadRequest("Missing user data")); } DataAccessSoapClient ws = new DataAccessSoapClient(); User target = ws.FindUser(new DataAccessWS.Security { BinarySecurityToken = token }, id); if (target.Role != DataAccessWS.UserRole.BUYER) { return(NotFound()); } IHttpActionResult userValidation = ValidateUserData(userData, target); if (userValidation != null) { return(userValidation); } User inputUser = userData.CreateBuyer(); inputUser.Id = id; User updated = ws.UpdateUser(new DataAccessWS.Security { BinarySecurityToken = token }, inputUser); return(Ok(CreateRestUser(updated))); }