public async Task <IActionResult> Post([FromBody] CreateRecordModel model) { try { //check that user is in team var user = await _userService.GetCurrentUserAsync(TenantId); if (user == null) { return(Unauthorized()); } //check that user has access to form var form = await _tenantRepository.GetFormForUserByFormId(user.Id, model.FormId, TenantId); if (form == null) { return(Unauthorized()); } var record = new Record { FormId = model.FormId, RecordJson = JsonConvert.SerializeObject(model.ResponseJson), Status = RecordStatus.Submitted, Location = new Location { Latitude = model.Latitude, Longitude = model.Longitude, }, UserId = user.Id, Message = "Submitted", LocalTitle = model.LocalTitle }; await _tenantRepository.AddRecord(record, TenantId); return(Ok()); } catch (Exception e) { return(BadRequest()); } }