public IHttpActionResult Users(int id) { int uid = Auth.CheckToken(Request.Headers); if (uid == 0 || !Auth.CheckAccess(uid, id)) { return(StatusCode(HttpStatusCode.Forbidden)); } var users = UserAccessManager.GetUsers(id); return(new ObjectResult(users, users.GetType(), Request)); }