public IHttpActionResult GetCoursesForTeacher(int teacherId) { var userData = IdentityHelper.GetLoggedInUser(RequestContext); logger.Info("Get Courses for teacher {@teacherId} by {@userData}", teacherId, userData); if (userData.UserId != teacherId && userData.UserRole == "teachers") { throw new UnauthorizedAccessException("You are not allowed to access other teachers data"); } return(Ok(teachersService.GetCoursesForTeacher(teacherId))); }