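using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Logging;
using Swashbuckle.AspNetCore.Annotations;
using UserManagement.Application.Dtos.Incomming;
using UserManagement.Application.Interfaces;
using static Microsoft.EntityFrameworkCore.DbLoggerCategory;

namespace UserManagement.API.Controllers
{
    /// <summary>
    /// HTTP API for creating, reading, updating and deleting users. Every action
    /// delegates to <see cref="IUserService"/>.
    /// </summary>
    /// <remarks>
    /// The listing this file was recovered from showed the actions as <c>async Task</c>,
    /// which cannot compile with <c>return BadRequest(...)</c>; the generic argument was
    /// presumably lost in extraction, so <c>Task&lt;IActionResult&gt;</c> is used here.
    /// </remarks>
    [Route("api/[controller]")]
    [ApiController]
    // NOTE(review): a class-level [Authorize(Roles = "Admin")] was commented out here.
    // The state-changing actions below carry the attribute individually; the read
    // actions carry no [Authorize] attribute and return user records (optionally with
    // roles), so they are reachable anonymously unless a fallback authorization policy
    // is configured elsewhere. Confirm that exposure is intended.
    public class UserController : Controller
    {
        private readonly IUserService _userService;

        // Optional so existing call sites that pass only the service keep compiling.
        private readonly ILogger<UserController>? _logger;

        /// <summary>Creates the controller.</summary>
        /// <param name="userService">Service that performs the user operations.</param>
        /// <param name="logger">Logger for server-side error details; may be omitted.</param>
        public UserController(IUserService userService, ILogger<UserController>? logger = null)
        {
            _userService = userService;
            _logger = logger;
        }

        /// <summary>Creates a user. Restricted to the Admin role.</summary>
        /// <param name="creatingUserDto">Payload describing the user to create.</param>
        /// <returns>
        /// 201 with the new id and a link to <see cref="GetUserById"/>; 400 when the model
        /// is invalid or the service returns null; 500 when the service throws.
        /// </returns>
        [HttpPost]
        [SwaggerOperation(Summary = "Create User")]
        [ProducesResponseType(StatusCodes.Status201Created)]
        [ProducesResponseType(StatusCodes.Status400BadRequest)]
        [ProducesResponseType(StatusCodes.Status500InternalServerError)]
        [Authorize(Roles = "Admin")]
        public async Task<IActionResult> CreateUser([FromBody] CreatingUserDto creatingUserDto)
        {
            // Validate incoming model
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            try
            {
                var result = await _userService.AddUserAsync(creatingUserDto);
                if (result is null)
                {
                    return BadRequest("Creation failed");
                }

                var createdResource = new { Id = result.Id };
                return CreatedAtAction(nameof(GetUserById), new { id = createdResource.Id }, createdResource);
            }
            catch (Exception ex)
            {
                // Exception text can carry internals (SQL fragments, constraint names,
                // paths). Keep it in the server log and send the caller a fixed message.
                // The DTO is deliberately not logged: it may hold credentials.
                _logger?.LogError(ex, "Unhandled exception while creating a user.");
                return StatusCode(
                    StatusCodes.Status500InternalServerError,
                    "An unexpected error occurred while creating the user.");
            }
        }

        /// <summary>Returns all users.</summary>
        /// <param name="includeRoles">Passed through to the service; defaults to true.</param>
        /// <returns>200 with whatever the service returns.</returns>
        [HttpGet]
        [SwaggerOperation(Summary = "Get all Users")]
        [ProducesResponseType(StatusCodes.Status200OK)]
        public async Task<IActionResult> GetAllUsers([FromQuery] bool includeRoles = true)
        {
            var users = await _userService.GetUsersAsync(includeRoles);
            return Ok(users);
        }

        /// <summary>Returns one user by numeric id.</summary>
        /// <param name="id">User id from the route; must be positive.</param>
        /// <param name="includeRoles">Passed through to the service; defaults to true.</param>
        /// <returns>200 with the user, 400 for a non-positive id, 404 when the service returns null.</returns>
        [HttpGet("id/{id}", Name = "GetUserById")]
        [SwaggerOperation(Summary = "Get User by Id")]
        [ProducesResponseType(StatusCodes.Status200OK)]
        [ProducesResponseType(StatusCodes.Status400BadRequest)]
        [ProducesResponseType(StatusCodes.Status404NotFound)]
        public async Task<IActionResult> GetUserById(int id, [FromQuery] bool includeRoles = true)
        {
            if (id <= 0)
            {
                return BadRequest("Invalid Id");
            }

            var user = await _userService.GetByIdAsync(id, includeRoles);
            return user is null ? NotFound() : Ok(user);
        }

        /// <summary>Returns one user by username.</summary>
        /// <param name="username">Username from the route; must not be null or empty.</param>
        /// <param name="includeRoles">Passed through to the service; defaults to true.</param>
        /// <returns>200 with the user, 400 for an empty username, 404 when the service returns null.</returns>
        // NOTE(review): without authorization, the 200/404 split lets a caller test
        // whether a given username exists. Confirm this endpoint is meant to be open.
        [HttpGet("username/{username}", Name = "GetUserByUsername")]
        [SwaggerOperation(Summary = "Get User by Username")]
        [ProducesResponseType(StatusCodes.Status200OK)]
        [ProducesResponseType(StatusCodes.Status400BadRequest)]
        [ProducesResponseType(StatusCodes.Status404NotFound)]
        public async Task<IActionResult> GetUserByUsername(string username, [FromQuery] bool includeRoles = true)
        {
            if (string.IsNullOrEmpty(username))
            {
                return BadRequest("Username cannot be empty");
            }

            var user = await _userService.GetByUsernameAsync(username, includeRoles);
            return user is null ? NotFound() : Ok(user);
        }

        /// <summary>Returns the users that hold a role.</summary>
        /// <param name="role">Role name from the route; must not be null or empty.</param>
        /// <returns>200 with whatever the service returns, 400 for an empty role.</returns>
        [HttpGet("role/{role}", Name = "GetUsersByRole")]
        [SwaggerOperation(Summary = "Get Users by Role")]
        [ProducesResponseType(StatusCodes.Status200OK)]
        [ProducesResponseType(StatusCodes.Status400BadRequest)]
        public async Task<IActionResult> GetUsersByRole(string role)
        {
            if (string.IsNullOrEmpty(role))
            {
                return BadRequest("Role cannot be empty");
            }

            var users = await _userService.GetByRoleAsync(role);
            return Ok(users);
        }

        /// <summary>Updates a user. Restricted to the Admin role, like creation.</summary>
        /// <param name="id">User id from the route; must be positive.</param>
        /// <param name="updatingUserDto">Payload handed to the service unchanged.</param>
        /// <returns>200 with the service's boolean result, or 400 on a bad id or a false result.</returns>
        // Declared success code corrected from 204 to 200: the action returns Ok(updated).
        // NOTE(review): the route id is range-checked but never passed to the service or
        // compared with the DTO, so the record that changes is whichever one the body
        // identifies. Reconcile the two (reject a mismatch, or set the DTO's key from the
        // route) once the DTO's shape is confirmed; it is not visible in this file.
        [HttpPut("id/{id}", Name = "UpdateUser")]
        [SwaggerOperation(Summary = "Update User")]
        [ProducesResponseType(StatusCodes.Status200OK)]
        [ProducesResponseType(StatusCodes.Status400BadRequest)]
        [Authorize(Roles = "Admin")]
        public async Task<IActionResult> UpdateUser(int id, UpdatingUserDto updatingUserDto)
        {
            if (id <= 0)
            {
                return BadRequest("Invalid Id");
            }

            var updated = await _userService.UpdateUserAsync(updatingUserDto);
            if (!updated)
            {
                return BadRequest("Update failed");
            }

            return Ok(updated);
        }

        /// <summary>Deletes a user. Restricted to the Admin role, like creation.</summary>
        /// <param name="id">User id read from the request body; must be positive.</param>
        /// <returns>200 on success, 400 on a bad id or when the service reports failure.</returns>
        // Declared codes corrected to the ones actually returned (200 and 400).
        // NOTE(review): the route template carries {id}, but [FromBody] makes the body
        // value the one that is deleted. The URL seen by access logs, proxies and
        // URL-based rules can therefore name a different user than the one removed.
        // Binding from the route would close that gap but changes the wire contract,
        // so it is flagged here rather than changed.
        [HttpDelete("id/{id}", Name = "DeleteUser")]
        [SwaggerOperation(Summary = "Delete User")]
        [ProducesResponseType(StatusCodes.Status200OK)]
        [ProducesResponseType(StatusCodes.Status400BadRequest)]
        [Authorize(Roles = "Admin")]
        public async Task<IActionResult> DeleteUser([FromBody] int id)
        {
            if (id <= 0)
            {
                return BadRequest("Invalid Id");
            }

            var deleted = await _userService.DeleteUserAsync(id);
            if (!deleted)
            {
                return BadRequest("Deletion failed");
            }

            return Ok();
        }
    }
}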