public IHttpActionResult GetAllBySchoolClassId(int id) { string role = ((ClaimsPrincipal)RequestContext.Principal).FindFirst(x => x.Type == ClaimTypes.Role).Value; try { switch (role) { case "admin": string adminId = ((ClaimsPrincipal)RequestContext.Principal).FindFirst(x => x.Type == "UserId").Value; logger.Info("Calling admin access level StudentsService method GetAllBySchoolClassId. Admin ID: {0}", adminId); var retVal1 = service.GetAllBySchoolClassId(id); logger.Info("Returning ok to browser."); return(Ok(retVal1)); case "teacher": string teacherId = ((ClaimsPrincipal)RequestContext.Principal).FindFirst(x => x.Type == "UserId").Value; logger.Info("Calling teacher access level StudentsService method GetAllBySchoolClassIdAndTeacherId. Teacher ID: {0}", teacherId); var retVal2 = service.GetAllBySchoolClassIdAndTeacherId(id, teacherId); logger.Info("Returning ok to browser."); return(Ok(retVal2)); default: logger.Warn("BadRequest. There is no method for this role! {0}", role); return(BadRequest()); } } catch (Exception e) { logger.Warn("Caught exception with message {0}. Returning bad request.", e.Message); return(BadRequest(e.Message)); } }