public async Task <IActionResult> Post([FromBody] PatientReport report)
        {
            //figure out if the user has permission to accsess the apointment the report will
            // be associated with, and if not return 403 forbidden

            //if they do, create the report with the given details.
            var new_report = await _clinicRepository.AddPatientReportAsync(report);

            if (new_report is Domain.Models.PatientReport)
            {
                return(CreatedAtAction(nameof(Get), new { id = new_report.Id }, new_report));
            }
            else
            {
                return(BadRequest("Request could not be processed."));
            }
        }