public IActionResult GetPatient(int patientId) { if (!User.IsInRole(Role.Doctor) && !_patientAuthorization.IsPatientOwnAccount(patientId, User)) { Log.Error("You are not authorized to do this"); return(Unauthorized()); } Log.Information("Getting information about patient"); var patient = _patientBusiness.GetPatient(patientId); return(Ok(patient)); }