public IActionResult GetPendingRequests() { var user = _accessTokenProvider.GetTokenPayload(); if (user == null) { return(Unauthorized()); } if (!user.IsAdmin && !user.IsManager) { _logger.Warning("User not allowed to get pending requests", new { user }); return(StatusCode(403)); } var requests = _vacationRepository.GetPendingRequests(user.UserId); if (requests?.Count > 0) { return(Ok(requests)); } return(NoContent()); }