/// <summary>
/// Returns the details of a single user. Only the user themselves or a caller
/// holding the <c>Roles.Administrator</c> role may read the record.
/// </summary>
/// <param name="userId">Identifier of the user to look up; values below 1 are rejected.</param>
/// <returns>
/// <c>UnprocessableEntity</c> for an id below 1, <c>Forbid</c> when the caller is
/// neither the requested user nor an administrator, <c>NotFound</c> when the lookup
/// yields null, otherwise <c>Ok</c> wrapping the retrieved <c>UserDetailsModel</c>.
/// </returns>
/// <remarks>
/// NOTE(review): no authentication attribute is visible in this span. Confirm that
/// unauthenticated requests are rejected before this action runs, and what
/// <c>_sessionService.GetUserId</c> returns when there is no session.
/// </remarks>
public async Task<ActionResult<UserDetailsModel>> GetUserDetails(int userId)
{
    // Input validation comes first; the echoed value is an int, so it cannot carry markup.
    if (userId < 1)
    {
        return UnprocessableEntity($"Invalid UserId: {userId}");
    }

    // Both session lookups are always performed, in this order.
    int callerId = _sessionService.GetUserId(HttpContext);
    bool callerIsAdmin = _sessionService.IsInRoles(HttpContext, Roles.Administrator);

    // Object-level authorization happens BEFORE the data store is queried, so a
    // non-admin caller receives the same Forbid result for any other user's id,
    // whether or not that account exists.
    bool mayRead = userId == callerId || callerIsAdmin;
    if (!mayRead)
    {
        return Forbid();
    }

    UserDetailsModel details = await _appUsersService.RetrieveAsync(userId);
    if (details is null)
    {
        return NotFound();
    }

    return Ok(details);
}