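        /// <summary>
        /// Runs <paramref name="action"/> only when the current user is authorized for it and
        /// maps the outcome to an HTTP result.
        /// </summary>
        /// <remarks>
        /// Access is granted when <c>_userContext.HasRoles(Roles.Roles.Privileged)</c> is true, or
        /// when the user passes both <c>HasRoles(nonPrivilegedRoles)</c> and
        /// <c>Belongs(accountIds)</c>. Every other case is denied with <c>Forbid()</c>.
        /// The previous version threw a bare <see cref="Exception"/> when the user held none of the
        /// listed roles, so an ordinary authorization denial surfaced as an unhandled error
        /// instead of a 403.
        /// NOTE(review): how <c>HasRoles</c> and <c>Belongs</c> treat an empty array is not visible
        /// here. Confirm that an empty <paramref name="accountIds"/> or
        /// <paramref name="nonPrivilegedRoles"/> cannot pass vacuously.
        /// </remarks>
        /// <param name="action">The operation to execute once the caller is authorized.</param>
        /// <param name="nonPrivilegedRoles">Roles that are sufficient only together with account membership.</param>
        /// <param name="accountIds">Accounts the non-privileged caller must belong to.</param>
        /// <returns><c>NoContent()</c> after the action ran; <c>Forbid()</c> when access is denied.</returns>
        public async Task<ActionResult> ActionIfAllowed(
            Func<Task> action,
            string[] nonPrivilegedRoles,
            params Guid[] accountIds)
        {
            // Evaluate the decision once, in the same order as before: the privileged role
            // short-circuits the membership check; otherwise both role and membership are required.
            bool isAllowed = _userContext.HasRoles(Roles.Roles.Privileged)
                || (_userContext.HasRoles(nonPrivilegedRoles) && _userContext.Belongs(accountIds));

            // Deny by default: anything not explicitly allowed gets a 403 and the action never runs.
            if (!isAllowed)
            {
                return Forbid();
            }

            await action();

            return NoContent();
        }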