public IActionResult GetListedDonations() { var user = userRepository.GetUserFromPrincipal(HttpContext.User); if (!userRepository.IsActiveUser(user)) { return(new UnauthorizedResult()); } if (!userRepository.IsRecipient(user) && !userRepository.IsActiveAdmin(user)) { return(BadRequest("You don't have priveleges to view all listed donations.")); } var donations = donationRepository.GetListed(); foreach (var donation in donations) { donation.Donor = userRepository.GetById(donation.DonorId); if (donation.RecipientId.HasValue) { donation.Recipient = userRepository.GetById(donation.RecipientId.Value); } } return(Ok(donations)); }