using System.Security.Claims; using FlatRender.ContentSvc.Application.Services; using FlatRender.ContentSvc.Models.Requests; using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; namespace FlatRender.ContentSvc.Controllers; [ApiController] [Route("v1/blogs")] public class BlogsController(CmsService svc) : ControllerBase { [HttpGet] public async Task List([FromQuery] BlogListRequest req) => Ok(await svc.GetBlogsAsync(req)); [HttpGet("{slug}")] public async Task Get(string slug) => Ok(await svc.GetBlogBySlugAsync(slug)); [Authorize(Roles = "Admin")] [HttpPost] public async Task Create([FromBody] CreateBlogRequest req) { var userId = User.FindFirstValue(ClaimTypes.NameIdentifier) is { } s ? Guid.Parse(s) : (Guid?)null; return Ok(await svc.CreateBlogAsync(new BlogListRequest(), req, userId)); } [Authorize(Roles = "Admin")] [HttpPut("{id:guid}")] public async Task Update(Guid id, [FromBody] UpdateBlogRequest req) => Ok(await svc.UpdateBlogAsync(id, req)); [Authorize(Roles = "Admin")] [HttpDelete("{id:guid}")] public async Task Delete(Guid id) { await svc.DeleteBlogAsync(id); return NoContent(); } } [ApiController] [Route("v1/comments")] public class CommentsController(CmsService svc) : ControllerBase { [HttpGet] public async Task List( [FromQuery] int page = 1, [FromQuery] int pageSize = 20, [FromQuery] Guid? blogId = null, [FromQuery] Guid? containerId = null, [FromQuery] bool? isApproved = null) => Ok(await svc.GetCommentsAsync(page, pageSize, blogId, containerId, isApproved)); [Authorize] [HttpPost] public async Task Create([FromBody] CreateCommentRequest req) { var userId = Guid.Parse(User.FindFirstValue(ClaimTypes.NameIdentifier)!); return Ok(await svc.CreateCommentAsync(req, userId)); } [Authorize(Roles = "Admin")] [HttpPatch("{id:guid}/approve")] public async Task Approve(Guid id, [FromQuery] bool approve = true) { await svc.ApproveCommentAsync(id, approve); return NoContent(); } [Authorize(Roles = "Admin")] [HttpDelete("{id:guid}")] public async Task Delete(Guid id) { await svc.DeleteCommentAsync(id); return NoContent(); } } [ApiController] [Route("v1/slides")] public class SlidesController(CmsService svc) : ControllerBase { [HttpGet] public async Task Get([FromQuery] Guid? tenantId = null) => Ok(await svc.GetSlidesAsync(tenantId)); [Authorize(Roles = "Admin")] [HttpPost] public async Task Create([FromBody] CreateSlideRequest req) => Ok(await svc.CreateSlideAsync(req)); [Authorize(Roles = "Admin")] [HttpDelete("{id:guid}")] public async Task Delete(Guid id) { await svc.DeleteSlideAsync(id); return NoContent(); } } [ApiController] [Route("v1/home-events")] public class HomePageEventsController(CmsService svc) : ControllerBase { [HttpGet] public async Task Get([FromQuery] Guid? tenantId = null, [FromQuery] bool includeInactive = false) => Ok(await svc.GetHomePageEventsAsync(tenantId, includeInactive)); [Authorize(Roles = "Admin")] [HttpPost] public async Task Create([FromBody] UpsertHomeEventRequest req) => Ok(await svc.CreateHomeEventAsync(req)); [Authorize(Roles = "Admin")] [HttpPut("{id:guid}")] public async Task Update(Guid id, [FromBody] UpsertHomeEventRequest req) => Ok(await svc.UpdateHomeEventAsync(id, req)); [Authorize(Roles = "Admin")] [HttpDelete("{id:guid}")] public async Task Delete(Guid id) { await svc.DeleteHomeEventAsync(id); return NoContent(); } } [ApiController] [Route("v1/settings")] public class WebsiteSettingsController(CmsService svc) : ControllerBase { [HttpGet] public async Task Get([FromQuery] Guid? tenantId = null) => Ok(await svc.GetSettingsAsync(tenantId, includeSecret: false)); [Authorize(Roles = "Admin")] [HttpGet("all")] public async Task GetAll([FromQuery] Guid? tenantId = null) => Ok(await svc.GetSettingsAsync(tenantId, includeSecret: true)); [Authorize(Roles = "Admin")] [HttpPut] public async Task Upsert([FromQuery] Guid? tenantId, [FromBody] UpsertWebsiteSettingRequest req) => Ok(await svc.UpsertSettingAsync(tenantId, req)); } [ApiController] [Route("v1/favorites")] [Authorize] public class FavoritesController(CmsService svc) : ControllerBase { private Guid UserId => Guid.Parse(User.FindFirstValue(ClaimTypes.NameIdentifier)!); private Guid TenantId => Guid.Parse(User.FindFirstValue("tenant_id") ?? "00000000-0000-0000-0000-000000000001"); [HttpGet("folders")] public async Task GetFolders() => Ok(await svc.GetFavoriteFoldersAsync(UserId)); [HttpPost("folders")] public async Task CreateFolder([FromBody] CreateFavoriteFolderRequest req) => Ok(await svc.CreateFavoriteFolderAsync(UserId, TenantId, req)); [HttpDelete("folders/{id:guid}")] public async Task DeleteFolder(Guid id) { await svc.DeleteFavoriteFolderAsync(UserId, id); return NoContent(); } [HttpPost("containers")] public async Task AddContainer([FromBody] AddFavoriteContainerRequest req) { await svc.AddFavoriteContainerAsync(UserId, TenantId, req); return NoContent(); } [HttpDelete("containers/{containerId:guid}")] public async Task RemoveContainer(Guid containerId) { await svc.RemoveFavoriteContainerAsync(UserId, containerId); return NoContent(); } } [ApiController] [Route("v1/routes")] public class RoutesController(CmsService svc) : ControllerBase { [HttpGet] public async Task List([FromQuery] Guid? tenantId = null) => Ok(await svc.GetRoutesAsync(tenantId)); [Authorize(Roles = "Admin")] [HttpPost] public async Task Create([FromBody] UpsertRouteRequest req) => Ok(await svc.CreateRouteAsync(req)); [Authorize(Roles = "Admin")] [HttpPut("{id:guid}")] public async Task Update(Guid id, [FromBody] UpsertRouteRequest req) => Ok(await svc.UpdateRouteAsync(id, req)); [Authorize(Roles = "Admin")] [HttpDelete("{id:guid}")] public async Task Delete(Guid id) { await svc.DeleteRouteAsync(id); return NoContent(); } }