public IHttpActionResult Get(string vin) { HttpResponseMessage response = new HttpResponseMessage(); try { Guid token = this.GetToken(); UserDTO userLogged = this.userService.GetUserLoggedIn(token); PermissionHandler permissionHandler = new PermissionHandler(); VehicleDTO vehicleDTO = this.vehicleService.FindVehicleByVin(vin); if (permissionHandler.IsUserAllowedToListVehicle(userLogged.Role, vehicleDTO.Status)) { response = this.Request.CreateResponse(HttpStatusCode.OK, vehicleDTO); } else { response = this.Request.CreateResponse(HttpStatusCode.Unauthorized, "El usuario no tiene permisos para ejecutar esta accion"); } } catch (VehicleNotFoundException e) { response = this.Request.CreateResponse(HttpStatusCode.BadRequest, e.Message); } catch (UserNotExistException e) { response = this.Request.CreateResponse(HttpStatusCode.BadRequest, e.Message); } catch (InvalidOperationException) { string message = "No se ha enviado header de autenticación."; response = this.Request.CreateResponse(HttpStatusCode.BadRequest, message); } catch (FormatException) { string message = "El token enviado no tiene un formato valido."; response = this.Request.CreateResponse(HttpStatusCode.BadRequest, message); } return(ResponseMessage(response)); }