public void ChangePassword(string forChange, [FromBody] string newPassword)
{
var currentEmployee = officeDB.Employees.FirstOrDefault(t => t.Login == RequestContext.Principal.Identity.Name);
var employees = officeDB.Employees.FirstOrDefault(t => t.Login == forChange);
if (currentEmployee == employees || employees.Security >= currentEmployee.Security)
{
throw new HttpResponseException(HttpStatusCode.Forbidden);
}
else
{
employees.Password = newPassword;
TokenManager.CleanAllTokens(employees.Login);
officeDB.SaveChangesAsync();
}
}
