public IHttpActionResult SellVehicle([FromBody] VehicleDTO vehicle) { HttpResponseMessage response = new HttpResponseMessage(); try { Guid token = this.GetToken(); UserDTO user = this.userService.GetUserLoggedIn(token); PermissionHandler permissionHandler = new PermissionHandler(); if (permissionHandler.IsUserAllowedToSellVehicle(user.Role)) { this.vehicleService.SellVehicle(vehicle); response = this.Request.CreateResponse(HttpStatusCode.OK); } else { response = this.Request.CreateResponse(HttpStatusCode.Unauthorized, "El usuario no tiene permisos para ejecutar esta accion"); } } catch (VehicleNotFoundException e) { response = this.Request.CreateResponse(HttpStatusCode.BadRequest, e.Message); } catch (VehicleNullAttributesException e) { response = this.Request.CreateResponse(HttpStatusCode.BadRequest, e.Message); } catch (FlowStepOrderException e) { response = this.Request.CreateResponse(HttpStatusCode.BadRequest, e.Message); } catch (UserNotExistException e) { response = this.Request.CreateResponse(HttpStatusCode.BadRequest, e.Message); } catch (InvalidOperationException) { string message = "No se ha enviado header de autenticación."; response = this.Request.CreateResponse(HttpStatusCode.BadRequest, message); } catch (FormatException) { string message = "El token enviado no tiene un formato valido."; response = this.Request.CreateResponse(HttpStatusCode.BadRequest, message); } return(ResponseMessage(response)); }