Merge pull request #2 from AcademiaY4/master

mod:userM

Controllers/AdminController.cs

@@ -0,0 +1,103 @@
+using apekade.Models.Dto;
+using apekade.Models.Dto.UserDto;
+using apekade.Models.Validation;
+using apekade.Models.Validation.UserValidation;
+using apekade.Services;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
+using MongoDB.Bson;
+
+namespace apekade.Controllers;
+
+[ApiController]
+[Route("api/[controller]")]
+[Authorize(Roles = "ADMIN")]
+public class AdminController : ControllerBase
+{
+    private readonly IAdminService _adminService;
+    public AdminController(IAdminService adminService)
+    {
+        _adminService = adminService;
+    }
+
+    [HttpPost("create-user")]
+    public async Task<IActionResult> CreateUser([FromBody] CreateUserDto createUserDto)
+    {
+        var validator = new CreateUserValidator();
+        var result = validator.Validate(createUserDto);
+
+        if (!result.IsValid)
+        {
+            var firstError = result.Errors.Select(e => new { error = e.ErrorMessage }).FirstOrDefault();
+            return this.ApiRes(400, false, "Validation error", firstError);
+        }
+
+        var response = await _adminService.CreateUser(createUserDto);
+        return this.ApiRes(response.Code, response.Status, response.Message, response.Data);
+    }
+
+    [HttpPut("update-user/{id}")]
+    public async Task<IActionResult> UpdateUser(string id, [FromBody] UpdateUserDto updateUserDto)
+    {
+        // Validate the ID
+        if (!ObjectId.TryParse(id, out var objectId))
+            return this.ApiRes(400, false, "invalid MongoDB ObjectId.", null);
+
+        var validator = new UpdateUserValidator();
+        var result = validator.Validate(updateUserDto);
+
+        if (!result.IsValid)
+        {
+            var firstError = result.Errors.Select(e => new { error = e.ErrorMessage }).FirstOrDefault();
+            return this.ApiRes(400, false, "Validation error", firstError);
+        }
+
+        var response = await _adminService.UpdateUser(id, updateUserDto);
+        return this.ApiRes(response.Code, response.Status, response.Message, response.Data);
+    }
+
+    [HttpPost("deactivate-user/{userId}")]
+    public async Task<IActionResult> DeactivateUser(string userId)
+    {
+        if (!ObjectId.TryParse(userId, out var objectId))
+            return this.ApiRes(400, false, "invalid MongoDB ObjectId.", null);
+
+        var response = await _adminService.DeactivateUser(userId);
+        return this.ApiRes(response.Code, response.Status, response.Message, response.Data);
+    }
+
+    [HttpPost("reactivate-user/{userId}")]
+    public async Task<IActionResult> ReactivateUser(string userId)
+    {
+        var response = await _adminService.ReactivateUser(userId);
+        return this.ApiRes(response.Code, response.Status, response.Message, response.Data);
+    }
+
+    [HttpDelete("delete-user/{userId}")]
+    public async Task<IActionResult> DeleteUser(string userId)
+    {
+        if (!ObjectId.TryParse(userId, out var objectId))
+            return this.ApiRes(400, false, "invalid MongoDB ObjectId.", null);
+
+        var response = await _adminService.DeleteUser(userId);
+        return this.ApiRes(response.Code, response.Status, response.Message, response.Data);
+    }
+
+    [HttpGet("user/{userId}")]
+    public async Task<IActionResult> GetUserById(string userId)
+    {
+        if (!ObjectId.TryParse(userId, out var objectId))
+            return this.ApiRes(400, false, "invalid MongoDB ObjectId.", null);
+        var response = await _adminService.GetUserById(userId);
+        return this.ApiRes(response.Code, response.Status, response.Message, response.Data);
+    }
+
+    [HttpGet("all-users")]
+    public async Task<IActionResult> GetAllUsers()
+    {
+        var users = await _adminService.GetAllUsers();
+        return Ok(users);
+    }
+}
+

Controllers/BuyerController.cs

@@ -0,0 +1,76 @@
+using System.Security.Claims;
+using apekade.Models.Dto;
+using apekade.Models.Dto.BuyerDto;
+using apekade.Models.Dto.VendorDto;
+using apekade.Models.Validation.BuyerValidation;
+using apekade.Services;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
+using MongoDB.Bson;
+
+namespace apekade.Controllers;
+
+[Route("api/[controller]")]
+[ApiController]
+[Authorize(Roles = "BUYER")]
+public class BuyerController : ControllerBase
+{
+    private readonly IBuyerService _buyerService;
+    public BuyerController(IBuyerService buyerService)
+    {
+        _buyerService = buyerService;
+    }
+
+    [HttpPut("update-account")]
+    public async Task<IActionResult> UpdateAccount([FromBody] UpdateBuyerDto updateBuyerDto)
+    {
+        var userId = User.FindFirst(ClaimTypes.NameIdentifier)?.Value;
+        if (string.IsNullOrEmpty(userId))
+            return this.ApiRes(400, false, "invalid MongoDB ObjectId.", null);
+
+        var validator = new UpdateBuyerValidator();
+        var result = validator.Validate(updateBuyerDto);
+
+        if (!result.IsValid)
+        {
+            var firstError = result.Errors.Select(e => new { error = e.ErrorMessage }).FirstOrDefault();
+            return this.ApiRes(400, false, "Validation error", firstError);
+        }
+
+        var response = await _buyerService.UpdateAccount(userId, updateBuyerDto);
+        return this.ApiRes(response.Code, response.Status, response.Message, response.Data);
+    }
+
+    [HttpPost("deactivate-account")]
+    public async Task<IActionResult> DeactivateAccount()
+    {
+        var userId = User.FindFirst(ClaimTypes.NameIdentifier)?.Value;
+        if (string.IsNullOrEmpty(userId))
+            return this.ApiRes(400, false, "invalid MongoDB ObjectId.", null);
+
+        var response = await _buyerService.DeactivateAccount(userId);
+        return this.ApiRes(response.Code, response.Status, response.Message, response.Data);
+    }
+
+    [HttpPost("add-vendor-rating")]
+    public async Task<IActionResult> AddVendorRating(AddVendorRatingDto addVendorRatingDto)
+    {
+        var userId = User.FindFirst(ClaimTypes.NameIdentifier)?.Value;
+        if (string.IsNullOrEmpty(userId))
+            return this.ApiRes(400, false, "invalid MongoDB ObjectId.", null);
+
+        var validator = new AddRatingValidator();
+        var result = validator.Validate(addVendorRatingDto);
+
+        if (!result.IsValid)
+        {
+            var firstError = result.Errors.Select(e => new { error = e.ErrorMessage }).FirstOrDefault();
+            return this.ApiRes(400, false, "Validation error", firstError);
+        }
+
+        var response = await _buyerService.AddVendorRating(userId, addVendorRatingDto);
+        return this.ApiRes(response.Code, response.Status, response.Message, response.Data);
+    }
+}
+

Controllers/CsrController.cs

@@ -0,0 +1,50 @@
+using apekade.Models.Dto;
+using apekade.Services;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
+using MongoDB.Bson;
+
+namespace apekade.Controllers;
+
+[Route("api/[controller]")]
+[ApiController]
+[Authorize(Roles = "CSR,ADMIN")]
+public class CsrController : ControllerBase
+{
+    private readonly ICsrService _csrService;
+    public CsrController(ICsrService csrService)
+    {
+        _csrService = csrService;
+    }
+    [HttpPost("approve-customer/{userId}")]
+    public async Task<IActionResult> ApproveCustomerAccount(string userId)
+    {
+        if (!ObjectId.TryParse(userId, out var objectId))
+            return this.ApiRes(400, false, "invalid MongoDB ObjectId.", null);
+
+        var response = await _csrService.ApproveUserAccount(userId);
+        return this.ApiRes(response.Code, response.Status, response.Message, response.Data);
+    }
+
+    [HttpPost("deactivate-customer/{userId}")]
+    public async Task<IActionResult> DeactivateCustomerAccount(string userId)
+    {
+        if (!ObjectId.TryParse(userId, out var objectId))
+            return this.ApiRes(400, false, "invalid MongoDB ObjectId.", null);
+
+        var response = await _csrService.DeactivateUserAccount(userId);
+        return this.ApiRes(response.Code, response.Status, response.Message, response.Data);
+    }
+
+    [HttpPost("reactivate-customer/{userId}")]
+    public async Task<IActionResult> ReactivateCustomerAccount(string userId)
+    {
+        if (!ObjectId.TryParse(userId, out var objectId))
+            return this.ApiRes(400, false, "invalid MongoDB ObjectId.", null);
+
+        var response = await _csrService.ReactivateUserAccount(userId);
+        return this.ApiRes(response.Code, response.Status, response.Message, response.Data);
+    }
+}
+

Controllers/VendorController.cs

@@ -0,0 +1,43 @@
+using System.Security.Claims;
+using apekade.Models.Dto;
+using apekade.Models.Dto.VendorDto;
+using apekade.Models.Validation.VendorValidation;
+using apekade.Services;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
+
+namespace apekade.Controllers;
+
+[Route("api/[controller]")]
+[ApiController]
+[Authorize(Roles = "VENDOR")]
+public class VendorController : ControllerBase
+{
+    private readonly IVendorService _vendorService;
+    public VendorController(IVendorService buyerService)
+    {
+        _vendorService = buyerService;
+    }
+
+    [HttpPut("update-account")]
+    public async Task<IActionResult> UpdateAccount([FromBody] UpdateVendorDto updateVendorDto)
+    {
+        var userId = User.FindFirst(ClaimTypes.NameIdentifier)?.Value;
+        if (string.IsNullOrEmpty(userId))
+            return this.ApiRes(400, false, "invalid MongoDB ObjectId.", null);
+
+        var validator = new UpdateVendorValidator();
+        var result = validator.Validate(updateVendorDto);
+
+        if (!result.IsValid)
+        {
+            var firstError = result.Errors.Select(e => new { error = e.ErrorMessage }).FirstOrDefault();
+            return this.ApiRes(400, false, "Validation error", firstError);
+        }
+
+        var response = await _vendorService.UpdateVendorProfile(userId, updateVendorDto);
+        return this.ApiRes(response.Code, response.Status, response.Message, response.Data);
+    }
+}
+

Middleware/EndpointException.cs

@@ -0,0 +1,69 @@
+using System;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Http;
+using Microsoft.Extensions.Logging;
+
+namespace apekade.Middleware
+{
+    public class EndpointException
+    {
+        private readonly RequestDelegate _next;
+        private readonly ILogger<EndpointException> _logger;
+
+        public EndpointException(RequestDelegate next, ILogger<EndpointException> logger)
+        {
+            _next = next;
+            _logger = logger;
+        }
+
+        public async Task InvokeAsync(HttpContext context)
+        {
+            await _next(context);
+
+            // Ensure response has not started before modifying headers
+            if (!context.Response.HasStarted)
+            {
+                if (context.Response.StatusCode == StatusCodes.Status404NotFound)
+                {
+                    await HandleNotFoundAsync(context);
+                }
+                else if (context.Response.StatusCode == StatusCodes.Status405MethodNotAllowed)
+                {
+                    await HandleMethodNotAllowedAsync(context);
+                }
+            }
+            else
+            {
+                _logger.LogWarning("Response has already started. Skipping custom error handling.");
+            }
+        }
+
+        private Task HandleNotFoundAsync(HttpContext context)
+        {
+            context.Response.ContentType = "application/json";
+            var response = new
+            {
+                Status = false,
+                Code = 404,
+                Message = "The requested resource was not found.",
+                Data = new { }
+            };
+
+            return context.Response.WriteAsJsonAsync(response);
+        }
+
+        private Task HandleMethodNotAllowedAsync(HttpContext context)
+        {
+            context.Response.ContentType = "application/json";
+            var response = new
+            {
+                Status = false,
+                Code = 405,
+                Message = "The requested method is not allowed.",
+                Data = new { }
+            };
+
+            return context.Response.WriteAsJsonAsync(response);
+        }
+    }
+}

Models/Dto/AuthDto/ChangePasswordDto.cs

@@ -0,0 +1,11 @@
+#nullable disable
+using System;
+
+namespace apekade.Models.Dto.AuthDto;
+
+public class ChangePasswordDto
+{
+    public string UserId { get; set; }
+    public string OldPassword { get; set; }
+    public string NewPassword { get; set; }
+}

Models/Dto/AuthDto/LoginResDto.cs

@@ -0,0 +1,13 @@
+#nullable disable
+using System;
+
+namespace apekade.Models.Dto.AuthDto;
+
+public class LoginResDto
+{
+    public string Id { get; set; }
+    public string FirstName { get; set; }
+    public string LastName { get; set; }
+    public string Email { get; set; }
+    public string Role { get; set; }
+}

Models/Dto/BuyerDto/UpdateBuyerDto.cs

@@ -0,0 +1,11 @@
+#nullable disable
+using System;
+
+namespace apekade.Models.Dto.BuyerDto;
+
+public class UpdateBuyerDto
+{
+    public string FirstName { get; set; }
+    public string LastName { get; set; }
+}
+