public IActionResult GetById(int id) { var timeZone = _timeZoneService.GetById(id); var currUser = _userService.GetById(Int32.Parse(User.Identity.Name)); if (timeZone.UserId == currUser.Id || _userService.CheckIf(currUser, Roles.ROLE_ADMIN)) { var model = _mapper.Map <TimeZoneModel>(timeZone); return(Ok(model)); } else { return(StatusCode(403, "Unauthorized! Only 'Admin' or the owner can access this resource")); } }