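/// <summary>
/// Updates the job-related information of the application user identified by
/// <c>model.Id</c>. The caller must either hold the
/// <c>AdministrationPermissions.ApplicationUser</c> permission or be the user
/// being edited.
/// </summary>
/// <param name="model">Job information submitted by the caller.</param>
/// <returns>
/// 400 when an administrator submits no employment date; 403 when the caller is
/// neither an administrator nor the edited user; the response produced by
/// <c>ValidateModelInfo</c> when it is not a success; 404 when no user matches
/// <c>model.Id</c>; otherwise 200.
/// </returns>
public HttpResponseMessage PutJobInfo(ApplicationUserPutJobInfoViewModel model)
{
    var userOrg = GetUserAndOrganization();
    var editorIsAdministrator = _permissionService.UserHasPermission(userOrg, AdministrationPermissions.ApplicationUser);

    // Administrators must always supply an employment date.
    if (editorIsAdministrator && !model.EmploymentDate.HasValue)
    {
        return Request.CreateResponse(HttpStatusCode.BadRequest);
    }

    // Authorization gate: a non-administrator may only edit their own record.
    if (!(editorIsAdministrator || model.Id == User.Identity.GetUserId()))
    {
        return Request.CreateResponse(HttpStatusCode.Forbidden);
    }

    var validatedModelInfo = ValidateModelInfo(model);
    if (!validatedModelInfo.IsSuccessStatusCode)
    {
        return validatedModelInfo;
    }

    // NOTE(review): no organization filter is visible in this query. Confirm the
    // repository scopes lookups to the caller's organization, so an administrator
    // of one organization cannot edit a user of another.
    var applicationUser = _applicationUserRepository
        .Get(u => u.Id == model.Id, includeProperties: "Roles,Projects,Skills,WorkingHours")
        .FirstOrDefault();

    // The existence check has to run before the entity is read. The original
    // dereferenced applicationUser.EmploymentDate first, so a missing user hit
    // by a non-administrator raised NullReferenceException instead of 404.
    if (applicationUser == null)
    {
        return Request.CreateResponse(
            HttpStatusCode.NotFound,
            string.Format(Resources.Common.DoesNotExist, Resources.Models.ApplicationUser.ApplicationUser.EntityName));
    }

    // Non-administrators cannot change their own employment date: the submitted
    // value is replaced with the stored one before mapping.
    if (!editorIsAdministrator)
    {
        model.EmploymentDate = applicationUser.EmploymentDate;
    }

    // NOTE(review): the mapper copies every mapped view-model property onto the
    // entity, for self-editing users as well. EmploymentDate and RoleIds are the
    // only fields guarded here; verify the mapping profile exposes nothing else
    // that a non-administrator should not be able to set (over-posting).
    _mapper.Map(model, applicationUser);

    // NOTE(review): presumably ValidateModelInfo guarantees SkillIds is non-null - confirm.
    applicationUser.Skills = _skillsRepository.Get(s => model.SkillIds.Contains(s.Id)).ToList();

    // Role changes are applied for administrators only.
    if (editorIsAdministrator && model.RoleIds != null)
    {
        UpdateRoles(applicationUser, model.RoleIds);
    }

    // Working hours without an organization get the editor's organization
    // (userOrg is reused instead of resolving the caller a second time).
    if (applicationUser.WorkingHours != null && applicationUser.WorkingHours.OrganizationId == 0)
    {
        applicationUser.WorkingHours.OrganizationId = userOrg.OrganizationId;
    }

    // NOTE(review): this also runs for non-administrators editing themselves.
    // Confirm AddProjectsToUser enforces which projects the caller may join.
    _projectService.AddProjectsToUser(applicationUser.Id, model.ProjectIds, userOrg);
    _unitOfWork.Save();

    // Drop the cached permissions for this user so the saved changes take effect.
    _permissionsCache.TryRemoveEntry(applicationUser.Id);

    return Request.CreateResponse(HttpStatusCode.OK);
}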