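/// <summary>
/// Creates an Oura readiness record for a participant after checking that the caller's role
/// permits writing data for that participant.
/// </summary>
/// <param name="ouraReadinessRequest">
/// Request body describing the readiness record; its <c>ParticipantId</c> selects the participant
/// the record is created for.
/// </param>
/// <returns>
/// 201 with the created record (route <c>OuraReadinessById</c>); 400 when the body is null or
/// invalid, or when the role-specific ownership check fails; 401 when the caller's identity does
/// not carry exactly one <c>id</c> claim and exactly one role claim.
/// </returns>
/// <remarks>
/// NOTE(review): only the four roles tested below are constrained. Any other role value reaches
/// the insert without an ownership check. That is presumably intended for an administrator role,
/// but it also means a new or misspelled role is allowed by default. Confirm the intended role
/// set and consider an explicit allow-list that denies everything else.
/// NOTE(review): ownership denials are reported as 400 to keep the existing client contract;
/// 403 would be the conventional status for an authorization failure.
/// NOTE(review): no authentication attribute is visible on this method from here; confirm the
/// controller or action requires an authenticated caller.
/// </remarks>
public async Task<IActionResult> CreateOuraReadiness([FromBody] OuraReadinessRequest ouraReadinessRequest)
{
    const string roleClaimType = "http://schemas.microsoft.com/ws/2008/06/identity/claims/role";

    if (ouraReadinessRequest == null)
    {
        _logger.LogError("CreateOuraReadiness: OuraReadinessRequest object sent from client is null.");
        return BadRequest("OuraReadinessRequest object is null");
    }

    if (!ModelState.IsValid)
    {
        _logger.LogError("CreateOuraReadiness: Invalid OuraReadinessRequest object sent from client.");
        return BadRequest("Invalid OuraReadinessRequest object");
    }

    // Fail closed on a missing or duplicated claim: Single() would throw here and surface as an
    // unhandled 500, and with duplicates it is ambiguous which value the checks below should trust.
    var idClaims = HttpContext.User.Claims.Where(c => c.Type == "id").ToList();
    var roleClaims = HttpContext.User.Claims.Where(c => c.Type == roleClaimType).ToList();
    if (idClaims.Count != 1 || roleClaims.Count != 1)
    {
        _logger.LogWarning("CreateOuraReadiness: Caller identity does not carry exactly one id claim and one role claim.");
        return Unauthorized();
    }

    string userId = idClaims[0].Value;
    string role = roleClaims[0].Value;

    // Each branch ties the target participant to the caller; a failed check sets the denial
    // message, which is logged once below so refused writes are visible to monitoring.
    string denialReason = null;
    if (role == Role.SubAdministratorRole)
    {
        if (!await ParticipantInOrganizationOfUserIdAsync(ouraReadinessRequest.ParticipantId, userId))
        {
            denialReason = "A sub-administrator can create only oura readinesses of a participant of own organization";
        }
    }
    else if (role == Role.SupervisorRole)
    {
        if (!await ParticipantInStudiesOfUserIdAsync(ouraReadinessRequest.ParticipantId, userId))
        {
            denialReason = "A supervisor can create only oura readinesses of a participant of own studies";
        }
    }
    else if (role == Role.ParticipantRole)
    {
        if (!await ParticipantSameAsUserIdAsync(ouraReadinessRequest.ParticipantId, userId))
        {
            denialReason = "A participant can create only own oura readinesses";
        }
    }
    else if (role == Role.TherapistRole)
    {
        // NOTE(review): the lookup result is passed on without a null check; confirm the helper
        // denies access when the participant does not exist.
        var participant = await _coadaptService.Participant.GetParticipantByIdAsync(ouraReadinessRequest.ParticipantId);
        if (!await ParticipantMonitoredByTherapistOfUserIdAsync(participant, userId))
        {
            denialReason = "A therapist can create only oura readinesses of monitored participants";
        }
    }

    if (denialReason != null)
    {
        _logger.LogWarning(
            "CreateOuraReadiness: Denied for user {UserId} with role {Role} on participant {ParticipantId}: {Reason}",
            userId,
            role,
            ouraReadinessRequest.ParticipantId,
            denialReason);
        return BadRequest(denialReason);
    }

    var ouraReadiness = new OuraReadiness();
    ouraReadiness.FromRequest(ouraReadinessRequest);
    _coadaptService.OuraReadiness.CreateOuraReadiness(ouraReadiness);
    await _coadaptService.SaveAsync();

    return CreatedAtRoute("OuraReadinessById", new { id = ouraReadiness.Id }, ouraReadiness);
}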