public async Task <MemberProfile> GetMemberAsync(Guid userId, Guid targetUserId, CancellationToken cancellationToken)
{
if (Guid.Empty == userId)
{
throw new ArgumentOutOfRangeException(nameof(userId));
}
if (Guid.Empty == targetUserId)
{
throw new ArgumentOutOfRangeException(nameof(targetUserId));
}
var userCanPerformAction = await _permissionsService.UserCanPerformActionAsync(userId, EditMembersRole, cancellationToken);
var userCanViewSelf = userId == targetUserId;
if (!userCanPerformAction && !userCanViewSelf)
{
_logger.LogError($"Error: GetMemberAsync - User:{0} does not have access to view the target user:{1}", userId, targetUserId);
throw new SecurityException($"Error: User does not have access");
}
return(await _userCommand.GetMemberAsync(targetUserId, cancellationToken));
}