Project/Project.Web/Controllers/ProductController.cs

using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Project.Application.DTOs.Incoming;
using Project.Application.DTOs.Outgoing;
using Project.Application.Interfaces;
using System.Security.Claims;

namespace Project.Web.Controllers
{
    [Route("api/[controller]")]
    [ApiController]
    [Authorize(Roles = "Admin")] // Authorize Admins only to use this controller
    public class ProductController : ControllerBase
    {
        // FIELDS FOR CTOR
        private readonly IProductService _productService;
        private readonly IUserService _userService;
        // CTOR
        public ProductController(IProductService productService, IUserService userService)
        {
            _productService = productService;
            _userService = userService;
        }

        // CREATE
        [HttpPost]
        [ProducesResponseType(StatusCodes.Status201Created)]
        [ProducesResponseType(StatusCodes.Status400BadRequest)]
        [ProducesResponseType(StatusCodes.Status500InternalServerError)]
        public async Task<IActionResult> CreateProduct([FromBody] CreatingProductDto creatingProductDto)
        {
            // Validate incomming model
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            // Get username of logged in user
            // var currentUser = await GetUser();
            // if (currentUser is null)
            //     return Unauthorized();

            // _productService.getbyUsername(currentUser.UserName);

            try
            {
                // Try to add product asynchronously
                var result = await _productService.AddProductAsync(creatingProductDto);

                // If product is successfully created, return a CreatedAtAction response with the created resource
                if (result != null)
                {
                    var id = result.Id;
                    var createdResource = new { Id = id };
                    var actionName = nameof(GetProductById);
                    var routeValue = new { id = createdResource.Id };
                    return CreatedAtAction(actionName, routeValue, createdResource);
                }
                else
                {
                    return BadRequest("geht nix");
                }
            }
            catch (Exception ex)
            {
                return StatusCode(StatusCodes.Status500InternalServerError, ex.Message);
            }
        }

        // READ ALL
        [HttpGet]
        [ProducesResponseType(StatusCodes.Status200OK)]
        public async Task<IActionResult> GetProducts()
        {
            var products = await _productService.GetAllAsync();
            return Ok(products);
        }

        // READ BY ID
        [HttpGet("id/{id}", Name = "GetProductById")]
        [ProducesResponseType(StatusCodes.Status200OK)]
        [ProducesResponseType(StatusCodes.Status400BadRequest)]
        [ProducesResponseType(StatusCodes.Status404NotFound)]
        public async Task<IActionResult> GetProductById(int id)
        {
            if (id <= 0)
            {
                return BadRequest("Invalid Id");
            }
            var product = await _productService.GetByIdAsync(id);
            if (product == null)
            {
                return NotFound();
            }
            return Ok(product);
        }
        
        // READ BY NAME
        [HttpGet("name/{name}", Name = "GetProductByName")]
        [ProducesResponseType(StatusCodes.Status200OK)]
        [ProducesResponseType(StatusCodes.Status400BadRequest)]
        [ProducesResponseType(StatusCodes.Status404NotFound)]
        public async Task<IActionResult> GetProductByName(string name)
        {
            if (string.IsNullOrEmpty(name))
            {
                return BadRequest("Name cannot be empty");
            }
            var product = await _productService.GetByNameAsync(name);
            if (product == null)
            {
                return NotFound();
            }
            return Ok(product);
        }

        // UPDATE
        [HttpPut("id/{id}", Name = "UpdateProduct")]
        [ProducesResponseType(StatusCodes.Status204NoContent)]
        [ProducesResponseType(StatusCodes.Status400BadRequest)]
        public async Task<IActionResult> UpdateProduct(int id, UpdatingProductDto updatingProductDto)
        {
            var updated = await _productService.UpdateProductAsync(updatingProductDto);
            return Ok(updated);
        }

        // DELETE
        [HttpDelete("id/{id}", Name = "DeleteProduct")]
        [ProducesResponseType(StatusCodes.Status204NoContent)]
        [ProducesResponseType(StatusCodes.Status404NotFound)]
        [ProducesResponseType(StatusCodes.Status400BadRequest)]
        public async Task<IActionResult> DeleteProduct([FromRoute] int id)
        {
            await _productService.DeleteProductAsync(id);
            return Ok();
        }

        // <---------------------------------------------

        // GET LOGGED IN USER OUT OF COOKIE INFORMATION
        async Task<ReadingUserDto?> GetUser()
        {
            // Get id (as string) from the claims of the logged in user and convert it into an int
            var idAsString = this.User.FindFirstValue(ClaimTypes.NameIdentifier);
            if (int.TryParse(idAsString, out int id))
                return null;

            // Use that id (as int) to get the user
            var user = await _userService.GetByIdAsync(id);
            return user;
        }

        // --------------------------------------------->
    }
}