public async Task <IActionResult> Add(UserSchoolInput input) { string[] roles = { "Admin", "SchoolAdmin" }; var token = HttpContext.Request.Headers["Authorization"].Last().Split(" ").Last(); if (RoleService.CheckRoles(token, roles, _userManager)) { var userDetailsRepo = new UserDetailsRepository(); var userDetails = userDetailsRepo.GetAll().First(x => x.UserId == input.UserId); userDetails.SchoolId = input.SchoolId; userDetailsRepo.Edit(userDetails); return(Ok()); } return(Unauthorized("Only Admin, SchoolAdmin have access to this controller.")); }