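/// <summary>
/// Runs <paramref name="action"/> only when the current user is authorized for it,
/// and denies the request otherwise.
/// </summary>
/// <remarks>
/// The action runs when the user holds <c>Roles.Roles.Privileged</c>, or when the user
/// holds <paramref name="nonPrivilegedRoles"/> and belongs to <paramref name="accountIds"/>.
/// Every other combination is denied by default with <c>Forbid()</c>.
/// </remarks>
/// <param name="action">The operation to execute once the authorization check has passed.</param>
/// <param name="nonPrivilegedRoles">Roles that may run the action only for accounts the user belongs to.</param>
/// <param name="accountIds">Accounts the action touches; checked with <c>_userContext.Belongs</c>.</param>
/// <returns>The result of <c>NoContent()</c> after the action ran, otherwise the result of <c>Forbid()</c>.</returns>
public async Task<ActionResult> ActionIfAllowed(
    Func<Task> action,
    string[] nonPrivilegedRoles,
    params Guid[] accountIds)
{
    // Privileged users skip the per-account membership check.
    bool isPrivileged = _userContext.HasRoles(Roles.Roles.Privileged);

    // NOTE(review): because accountIds is a params array, a caller that passes no ids
    // hands Belongs an empty array. Confirm that Belongs denies in that case rather
    // than treating an empty list as "belongs to all of them".
    bool isAllowed = isPrivileged
        || (_userContext.HasRoles(nonPrivilegedRoles) && _userContext.Belongs(accountIds));

    if (isAllowed)
    {
        await action();
        return NoContent();
    }

    // Default deny. A user holding none of the accepted roles previously reached
    // `throw new Exception()`, which turned an authorization failure into an
    // unhandled server error; that case now gets the same Forbid() as a
    // non-privileged user acting outside their own accounts.
    return Forbid();
}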