using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Project.Application.DTOs.Incoming; using Project.Application.Interfaces; namespace Project.Web.Controllers { [Route("api/[controller]")] [ApiController] [Authorize(Roles = "Admin")] public class ProductController : ControllerBase { // FIELDS FOR CTOR private readonly IProductService _productService; private readonly IUserService _userService; // CTOR public ProductController(IProductService productService, IUserService userService) { _productService = productService; _userService = userService; } // CREATE [HttpPost] [ProducesResponseType(StatusCodes.Status201Created)] [ProducesResponseType(StatusCodes.Status400BadRequest)] [ProducesResponseType(StatusCodes.Status500InternalServerError)] //[AllowAnonymous] public async Task CreateProduct([FromBody] CreatingProductDto creatingProductDto) { if (!ModelState.IsValid) { return BadRequest(ModelState); } try { var result = await _productService.AddProductAsync(creatingProductDto); //--------- //var current_user = await GetUser(); //if (current_user is null) // return Unauthorized(); //_productService.getbyUsername(current_user.UserName); //---------- if (result != null) { var id = result.Id; var createdResource = new { Id = id }; var actionName = nameof(GetProductById); var routeValue = new { id = createdResource.Id }; return CreatedAtAction(actionName, routeValue, createdResource); } else { return BadRequest("geht nix"); } } catch (Exception ex) { return StatusCode(StatusCodes.Status500InternalServerError, ex.Message); } } // READ ALL //[Authorize(Roles = "Admin")] // Authorization [HttpGet] [ProducesResponseType(StatusCodes.Status200OK)] public async Task GetProducts() { var products = await _productService.GetAllAsync(); return Ok(products); } // READ BY ID [HttpGet("id/{id}", Name = "GetProductById")] [ProducesResponseType(StatusCodes.Status200OK)] [ProducesResponseType(StatusCodes.Status400BadRequest)] [ProducesResponseType(StatusCodes.Status404NotFound)] public async Task GetProductById(int id) { if (id <= 0) { return BadRequest("Invalid Id"); } var product = await _productService.GetByIdAsync(id); if (product == null) { return NotFound(); } return Ok(product); } // READ BY NAME [HttpGet("name/{name}", Name = "GetProductByName")] [ProducesResponseType(StatusCodes.Status200OK)] [ProducesResponseType(StatusCodes.Status400BadRequest)] [ProducesResponseType(StatusCodes.Status404NotFound)] public async Task GetProductByName(string name) { if (string.IsNullOrEmpty(name)) { return BadRequest("Name cannot be empty"); } var product = await _productService.GetByNameAsync(name); if (product == null) { return NotFound(); } return Ok(product); } // UPDATE [HttpPut("id/{id}", Name = "UpdateProduct")] [ProducesResponseType(StatusCodes.Status204NoContent)] [ProducesResponseType(StatusCodes.Status400BadRequest)] public async Task UpdateProduct(int id, UpdatingProductDto updatingProductDto) { var updated = await _productService.UpdateProductAsync(updatingProductDto); return Ok(updated); } // DELETE [HttpDelete("id/{id}", Name = "DeleteProduct")] [ProducesResponseType(StatusCodes.Status204NoContent)] [ProducesResponseType(StatusCodes.Status404NotFound)] [ProducesResponseType(StatusCodes.Status400BadRequest)] public async Task DeleteProduct([FromRoute] int id) { await _productService.DeleteProductAsync(id); return Ok(); } //--------------- //async Task GetUser() //{ // var id_st = this.User.FindFirstValue(ClaimTypes.NameIdentifier); // if (int.TryParse(id_st, out int id)) // return null; // var user = await _userService.GetByIdAsync(id); // return user; //} //-------------- } }