public async Task <IActionResult> EditPermissions(EditPrivilegesViewModel vm) { if (vm.Button == "Approve" || vm.Button == "Save") { if (vm.Button == "Approve") { await _contactsApiClient.ApproveContact(vm.ContactId); } var response = await _contactsApiClient.SetContactPrivileges( new SetContactPrivilegesRequest() { AmendingContactId = Guid.Empty, // amended by a staff member who is not a contact ContactId = vm.ContactId, PrivilegeIds = vm.PrivilegeViewModels.Where(pvm => pvm.Selected).Select(pvm => pvm.Privilege.Id).ToArray(), IsNewContact = vm.Button == "Approve" }); if (!response.Success) { ModelState.AddModelError("permissions", response.ErrorMessage); var editVm = await GetUserViewModel(vm.ContactId); return(View("~/Views/Register/EditUserPermissions.cshtml", editVm)); } return(RedirectToAction("Details", new { contactId = vm.ContactId })); } await _contactsApiClient.RejectContact(vm.ContactId); return(RedirectToAction("Register", "ViewOrganisation", new { vm.EndPointAssessorOrganisationId })); }