/**
 * Handles {@code POST /admin/suspendAccount}: suspends the account described by the request
 * body on behalf of the session identified by the {@code token} header.
 *
 * <p>Outcomes, in the order they are decided:
 * <ul>
 *   <li>{@code 403 FORBIDDEN} with no body when the session service reports the token's session
 *       as not active.</li>
 *   <li>{@code 401 UNAUTHORIZED} with no body when the permission service rejects this operation
 *       for the caller's role; a failed audit event is recorded.</li>
 *   <li>{@code 200 OK} with no body after the admin service call returns; a successful audit
 *       event is recorded.</li>
 *   <li>{@code 422 UNPROCESSABLE_ENTITY} with the exception message as body on a
 *       {@code ServiceException}.</li>
 *   <li>{@code 404 NOT_FOUND} with the exception message as body on a
 *       {@code NotFoundException}.</li>
 * </ul>
 *
 * <p>NOTE(review): 403 for an inactive session and 401 for a missing permission is the reverse of
 * the usual HTTP convention (401 = not authenticated, 403 = not allowed). Confirm whether clients
 * depend on the current codes before changing them.
 *
 * <p>NOTE(review): exception messages are returned to the client verbatim, and
 * {@code suspendInfo.toString()} is written to the audit trail. Confirm that neither can carry
 * internal detail or sensitive fields.
 *
 * @param suspendInfo suspension request taken from the request body
 * @param token session token taken from the {@code token} request header
 * @return a response whose status (and, for the error cases above, body) reflects the outcome
 */
@Override
@RequestMapping(value = "/admin/suspendAccount", method = RequestMethod.POST)
public ResponseEntity suspendAccount(
        @RequestBody AccountSuspensionInfo suspendInfo,
        @RequestHeader(value = "token") String token) {
    String operation = "AdminControllerImpl.suspendAccount";
    try {
        // Session gate. This rejection is not written to the audit trail: no username has been
        // resolved for the token at this point.
        boolean sessionActive = sessionService.isSessionActive(token);
        if (!sessionActive) {
            return new ResponseEntity<>(HttpStatus.FORBIDDEN);
        }

        String callerRole = sessionService.getUserRoleByToken(token);
        String callerName = sessionService.getUsernameByToken(token);

        try {
            // Authorization gate: a denied attempt is audited before the request is refused.
            if (!permissionService.isOperationAvailable(operation, callerRole)) {
                auditService.addEvent(
                        new AuditItem(
                                callerName,
                                operation,
                                suspendInfo.toString(),
                                Constants.NO_PERMISSION,
                                false));
                return new ResponseEntity<>(HttpStatus.UNAUTHORIZED);
            }

            adminService.suspendAccount(suspendInfo);
            // The audit payload is rendered after the service call, so it shows suspendInfo as
            // the service left it.
            auditService.addEvent(
                    new AuditItem(
                            callerName,
                            operation,
                            suspendInfo.toString(),
                            Constants.ADMIN_SUSPEND,
                            true));
            return new ResponseEntity<>(HttpStatus.OK);
        } catch (ServiceException failure) {
            String payload = suspendInfo.toString();
            String reason = failure.getMessage();
            auditService.addEvent(new AuditItem(callerName, operation, payload, reason, false));
            return new ResponseEntity<>(failure.getMessage(), HttpStatus.UNPROCESSABLE_ENTITY);
        } catch (NotFoundException missing) {
            String payload = suspendInfo.toString();
            String reason = missing.getMessage();
            auditService.addEvent(new AuditItem(callerName, operation, payload, reason, false));
            return new ResponseEntity<>(missing.getMessage(), HttpStatus.NOT_FOUND);
        }
    } catch (ServiceException failure) {
        // Reached when the session lookups fail, or when a ServiceException escapes one of the
        // inner handlers. No audit event is recorded on this path.
        return new ResponseEntity<>(failure.getMessage(), HttpStatus.UNPROCESSABLE_ENTITY);
    }
}