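/// <summary>
/// Approves a rental on behalf of an administrator.
/// </summary>
/// <param name="rental">Rental read from the request body; its UserName and BookName identify the rental to approve.</param>
/// <returns>
/// 400 Bad Request when no rental was bound from the body, 401 Unauthorized when the
/// EmailId header is missing, empty or not an administrator's address, 200 OK after
/// the rental service has been called.
/// </returns>
/// <remarks>
/// NOTE(review): the caller's identity is taken from the client-supplied "EmailId"
/// header. Nothing in this method shows that header being bound to an authenticated
/// session, so unless an upstream handler validates or overwrites it, the admin check
/// below relies on a value the client controls. Prefer deriving the identity from the
/// authenticated principal; confirm against the pipeline configuration.
/// </remarks>
public HttpResponseMessage ApproveRental([FromBody] Rental rental)
{
    // HttpHeaders.GetValues throws when the header is absent, so test for presence
    // first; otherwise a missing header surfaces as a server error, not a 401.
    if (!Request.Headers.Contains("EmailId"))
    {
        return new HttpResponseMessage() { StatusCode = HttpStatusCode.Unauthorized };
    }

    string currentUserEmailAddress = Request.Headers.GetValues("EmailId").FirstOrDefault();
    if (string.IsNullOrWhiteSpace(currentUserEmailAddress))
    {
        return new HttpResponseMessage() { StatusCode = HttpStatusCode.Unauthorized };
    }

    // validate if user is an admin
    if (!accountService.CheckIfGivenEmailIsOfAdmin(currentUserEmailAddress))
    {
        return new HttpResponseMessage() { StatusCode = HttpStatusCode.Unauthorized };
    }

    // A missing or unparseable body leaves the bound parameter null; reject it
    // instead of dereferencing it below.
    if (rental == null)
    {
        return new HttpResponseMessage() { StatusCode = HttpStatusCode.BadRequest };
    }

    rentalService.ApproveRental(rental.UserName, rental.BookName);

    return new HttpResponseMessage() { StatusCode = HttpStatusCode.OK };
}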