public async Task <IActionResult> GetPaymentById([FromRoute(Name = "id")] Guid paymentId)
{
try
{
var pay = await paymentService.GetPayment(paymentId);
var leasing = leasingService.GetLeasing(pay.Data.Leasing).Result.Data;
var id = ExtractIdFromToken(Request.Headers[HttpRequestHeader.Authorization.ToString()]);
if (!leasing.Owner.Equals(id) && leasing.Renter != id && !IsAdmin(Request.Headers[HttpRequestHeader.Authorization.ToString()]))
{
throw new ForbiddenApiException();
}
return(Ok(pay));
}
catch (HttpResponseException)
{
throw;
}
catch (Exception)
{
throw new BadRequestApiException();
}
}
public async Task <IActionResult> GetLeasingById([FromRoute(Name = "id")] Guid leasingId)
{
return(Ok(await service.GetLeasing(leasingId)));
}