public bool CanReadUser(Guid userId) { if (CanWriteUser(userId)) { return(true); } // check if current user is AgencyAdministrator of any BuyerAccount of the user var currentUserBuyerRoles = _owinContext.GetCurrentUserBuyerRoles(); var userBuyerAccountIds = _container.Resolve <IUserService>().GetUserBuyerRoles(userId).Select(x => x.BuyerAccountId).ToList(); return(currentUserBuyerRoles.Any(x => x.RoleName == StandardRole.Administrator && userBuyerAccountIds.Any(id => id == x.BuyerId))); }