public async Task <IActionResult> GetPaymentById([FromRoute(Name = "id")] Guid paymentId) { try { var pay = await paymentService.GetPayment(paymentId); var leasing = leasingService.GetLeasing(pay.Data.Leasing).Result.Data; var id = ExtractIdFromToken(Request.Headers[HttpRequestHeader.Authorization.ToString()]); if (!leasing.Owner.Equals(id) && leasing.Renter != id && !IsAdmin(Request.Headers[HttpRequestHeader.Authorization.ToString()])) { throw new ForbiddenApiException(); } return(Ok(pay)); } catch (HttpResponseException) { throw; } catch (Exception) { throw new BadRequestApiException(); } }
public async Task <IActionResult> GetLeasingById([FromRoute(Name = "id")] Guid leasingId) { return(Ok(await service.GetLeasing(leasingId))); }