public async Task <ActionResult <IEnumerable <PhoneBookEntryResponse> > > GetPhoneBookEntries(Guid phoneBookId, [FromQuery] PagingRequest pagingRequest) { // Check if phone book exists if (!await _phoneBookRepository.ExistsAsync(phoneBookId)) { return(NotFound()); } IReadOnlyList <PhoneBookEntry> phoneBookEntries = await _phoneBookEntryRepository .GetPhoneBookEntriesForBook(phoneBookId, pagingRequest.Page, pagingRequest.PageSize); // Check whether the current phone book have any entries if (phoneBookEntries.Count < 1) { return(NoContent()); } Guid userId = Guid.Parse(_userInfoService.UserId); if (phoneBookEntries.First().PhoneBook.UserId == userId) { // Get the number of entries for this book // Need it for paging int phoneBookEntriesCount = await _phoneBookEntryRepository.CountForBookAsync(phoneBookId); PagingInfo pagingInfo = new PagingInfo(phoneBookEntriesCount, pagingRequest.Page, pagingRequest.PageSize); Response.Headers.Add("X-Pagination", JsonConvert.SerializeObject(pagingInfo, new JsonSerializerSettings() { ContractResolver = new CamelCasePropertyNamesContractResolver() })); return(Ok(_mapper.Map <IEnumerable <PhoneBookEntryResponse> >(phoneBookEntries))); } _logger.LogWarning("User with id {ForbiddenUser} attempted to request entries from a phone book owned by {OwningUser}", userId, phoneBookEntries.First().PhoneBook.UserId); // phone book does not belong to the user // forbidden request return(Forbid()); }