public async Task <IActionResult> UpdateEnrollee(int enrolleeId, Enrollee enrollee, [FromQuery] bool beenThroughTheWizard = false) { if (enrollee == null) { this.ModelState.AddModelError("Enrollee", "Could not update the enrollee, the passed in Enrollee cannot be null."); return(BadRequest(new ApiBadRequestResponse(this.ModelState))); } if (enrollee == null || enrollee.Id == null) { this.ModelState.AddModelError("Enrollee.Id", "Enrollee Id is required to make updates."); return(BadRequest(new ApiBadRequestResponse(this.ModelState))); } if (enrolleeId != enrollee.Id) { this.ModelState.AddModelError("Enrollee.Id", "Enrollee Id does not match with the payload."); return(BadRequest(new ApiBadRequestResponse(this.ModelState))); } if (!_enrolleeService.EnrolleeExists(enrolleeId)) { return(NotFound(new ApiResponse(404, $"Enrollee not found with id {enrolleeId}"))); } // If the enrollee is not in the status of 'In Progress', it cannot be updated if (!(await _enrolleeService.IsEnrolleeInStatusAsync(enrolleeId, Status.IN_PROGRESS_CODE))) { this.ModelState.AddModelError("Enrollee.CurrentStatus", "Enrollee can not be updated when the current status is not 'In Progress'."); return(BadRequest(new ApiBadRequestResponse(this.ModelState))); } // If the user is not an ADMIN, make sure the enrolleeId matches the user, otherwise return not authorized if (!BelongsToEnrollee(enrollee)) { return(Forbid()); } await _enrolleeService.UpdateEnrolleeAsync(enrollee, beenThroughTheWizard); return(NoContent()); }