soroush.asadi
3091911260
Build backend images / build content-svc (push) Failing after 1s
Build backend images / build file-svc (push) Failing after 1s
Build backend images / build gateway (push) Failing after 0s
Build backend images / build identity-svc (push) Failing after 0s
Build backend images / build notification-svc (push) Failing after 1s
Build backend images / build render-svc (push) Failing after 1s
Build backend images / build studio-svc (push) Failing after 1s
Closes the remaining legacy-admin gaps:
- Users «مدیریت» modal: create personal discount or affiliate code (owner_user_id +
owner_profit_percentage on existing /v1/discounts), and view the user's saved
projects ("videos") via new admin GET /v1/saved-projects/by-user/{id} (studio)
- Internal routes admin (/admin/routes): CRUD on content.internal_routes
(RoutesController + CmsService + gateway /v1/routes/*)
- Security: lock identity UsersController Search + Ban to [Authorize(Roles="Admin")]
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
211 lines
6.7 KiB
C#
211 lines
6.7 KiB
C#
using System.Security.Claims;
|
|
using FlatRender.ContentSvc.Application.Services;
|
|
using FlatRender.ContentSvc.Models.Requests;
|
|
using Microsoft.AspNetCore.Authorization;
|
|
using Microsoft.AspNetCore.Mvc;
|
|
|
|
namespace FlatRender.ContentSvc.Controllers;
|
|
|
|
[ApiController]
|
|
[Route("v1/blogs")]
|
|
public class BlogsController(CmsService svc) : ControllerBase
|
|
{
|
|
[HttpGet]
|
|
public async Task<IActionResult> List([FromQuery] BlogListRequest req) =>
|
|
Ok(await svc.GetBlogsAsync(req));
|
|
|
|
[HttpGet("{slug}")]
|
|
public async Task<IActionResult> Get(string slug) =>
|
|
Ok(await svc.GetBlogBySlugAsync(slug));
|
|
|
|
[Authorize(Roles = "Admin")]
|
|
[HttpPost]
|
|
public async Task<IActionResult> Create([FromBody] CreateBlogRequest req)
|
|
{
|
|
var userId = User.FindFirstValue(ClaimTypes.NameIdentifier) is { } s ? Guid.Parse(s) : (Guid?)null;
|
|
return Ok(await svc.CreateBlogAsync(new BlogListRequest(), req, userId));
|
|
}
|
|
|
|
[Authorize(Roles = "Admin")]
|
|
[HttpPut("{id:guid}")]
|
|
public async Task<IActionResult> Update(Guid id, [FromBody] UpdateBlogRequest req) =>
|
|
Ok(await svc.UpdateBlogAsync(id, req));
|
|
|
|
[Authorize(Roles = "Admin")]
|
|
[HttpDelete("{id:guid}")]
|
|
public async Task<IActionResult> Delete(Guid id)
|
|
{
|
|
await svc.DeleteBlogAsync(id);
|
|
return NoContent();
|
|
}
|
|
}
|
|
|
|
[ApiController]
|
|
[Route("v1/comments")]
|
|
public class CommentsController(CmsService svc) : ControllerBase
|
|
{
|
|
[HttpGet]
|
|
public async Task<IActionResult> List(
|
|
[FromQuery] int page = 1, [FromQuery] int pageSize = 20,
|
|
[FromQuery] Guid? blogId = null, [FromQuery] Guid? containerId = null,
|
|
[FromQuery] bool? isApproved = null) =>
|
|
Ok(await svc.GetCommentsAsync(page, pageSize, blogId, containerId, isApproved));
|
|
|
|
[Authorize]
|
|
[HttpPost]
|
|
public async Task<IActionResult> Create([FromBody] CreateCommentRequest req)
|
|
{
|
|
var userId = Guid.Parse(User.FindFirstValue(ClaimTypes.NameIdentifier)!);
|
|
return Ok(await svc.CreateCommentAsync(req, userId));
|
|
}
|
|
|
|
[Authorize(Roles = "Admin")]
|
|
[HttpPatch("{id:guid}/approve")]
|
|
public async Task<IActionResult> Approve(Guid id, [FromQuery] bool approve = true)
|
|
{
|
|
await svc.ApproveCommentAsync(id, approve);
|
|
return NoContent();
|
|
}
|
|
|
|
[Authorize(Roles = "Admin")]
|
|
[HttpDelete("{id:guid}")]
|
|
public async Task<IActionResult> Delete(Guid id)
|
|
{
|
|
await svc.DeleteCommentAsync(id);
|
|
return NoContent();
|
|
}
|
|
}
|
|
|
|
[ApiController]
|
|
[Route("v1/slides")]
|
|
public class SlidesController(CmsService svc) : ControllerBase
|
|
{
|
|
[HttpGet]
|
|
public async Task<IActionResult> Get([FromQuery] Guid? tenantId = null) =>
|
|
Ok(await svc.GetSlidesAsync(tenantId));
|
|
|
|
[Authorize(Roles = "Admin")]
|
|
[HttpPost]
|
|
public async Task<IActionResult> Create([FromBody] CreateSlideRequest req) =>
|
|
Ok(await svc.CreateSlideAsync(req));
|
|
|
|
[Authorize(Roles = "Admin")]
|
|
[HttpDelete("{id:guid}")]
|
|
public async Task<IActionResult> Delete(Guid id)
|
|
{
|
|
await svc.DeleteSlideAsync(id);
|
|
return NoContent();
|
|
}
|
|
}
|
|
|
|
[ApiController]
|
|
[Route("v1/home-events")]
|
|
public class HomePageEventsController(CmsService svc) : ControllerBase
|
|
{
|
|
[HttpGet]
|
|
public async Task<IActionResult> Get([FromQuery] Guid? tenantId = null, [FromQuery] bool includeInactive = false) =>
|
|
Ok(await svc.GetHomePageEventsAsync(tenantId, includeInactive));
|
|
|
|
[Authorize(Roles = "Admin")]
|
|
[HttpPost]
|
|
public async Task<IActionResult> Create([FromBody] UpsertHomeEventRequest req) =>
|
|
Ok(await svc.CreateHomeEventAsync(req));
|
|
|
|
[Authorize(Roles = "Admin")]
|
|
[HttpPut("{id:guid}")]
|
|
public async Task<IActionResult> Update(Guid id, [FromBody] UpsertHomeEventRequest req) =>
|
|
Ok(await svc.UpdateHomeEventAsync(id, req));
|
|
|
|
[Authorize(Roles = "Admin")]
|
|
[HttpDelete("{id:guid}")]
|
|
public async Task<IActionResult> Delete(Guid id)
|
|
{
|
|
await svc.DeleteHomeEventAsync(id);
|
|
return NoContent();
|
|
}
|
|
}
|
|
|
|
[ApiController]
|
|
[Route("v1/settings")]
|
|
public class WebsiteSettingsController(CmsService svc) : ControllerBase
|
|
{
|
|
[HttpGet]
|
|
public async Task<IActionResult> Get([FromQuery] Guid? tenantId = null) =>
|
|
Ok(await svc.GetSettingsAsync(tenantId, includeSecret: false));
|
|
|
|
[Authorize(Roles = "Admin")]
|
|
[HttpGet("all")]
|
|
public async Task<IActionResult> GetAll([FromQuery] Guid? tenantId = null) =>
|
|
Ok(await svc.GetSettingsAsync(tenantId, includeSecret: true));
|
|
|
|
[Authorize(Roles = "Admin")]
|
|
[HttpPut]
|
|
public async Task<IActionResult> Upsert([FromQuery] Guid? tenantId, [FromBody] UpsertWebsiteSettingRequest req) =>
|
|
Ok(await svc.UpsertSettingAsync(tenantId, req));
|
|
}
|
|
|
|
[ApiController]
|
|
[Route("v1/favorites")]
|
|
[Authorize]
|
|
public class FavoritesController(CmsService svc) : ControllerBase
|
|
{
|
|
private Guid UserId => Guid.Parse(User.FindFirstValue(ClaimTypes.NameIdentifier)!);
|
|
private Guid TenantId => Guid.Parse(User.FindFirstValue("tenant_id") ?? "00000000-0000-0000-0000-000000000001");
|
|
|
|
[HttpGet("folders")]
|
|
public async Task<IActionResult> GetFolders() =>
|
|
Ok(await svc.GetFavoriteFoldersAsync(UserId));
|
|
|
|
[HttpPost("folders")]
|
|
public async Task<IActionResult> CreateFolder([FromBody] CreateFavoriteFolderRequest req) =>
|
|
Ok(await svc.CreateFavoriteFolderAsync(UserId, TenantId, req));
|
|
|
|
[HttpDelete("folders/{id:guid}")]
|
|
public async Task<IActionResult> DeleteFolder(Guid id)
|
|
{
|
|
await svc.DeleteFavoriteFolderAsync(UserId, id);
|
|
return NoContent();
|
|
}
|
|
|
|
[HttpPost("containers")]
|
|
public async Task<IActionResult> AddContainer([FromBody] AddFavoriteContainerRequest req)
|
|
{
|
|
await svc.AddFavoriteContainerAsync(UserId, TenantId, req);
|
|
return NoContent();
|
|
}
|
|
|
|
[HttpDelete("containers/{containerId:guid}")]
|
|
public async Task<IActionResult> RemoveContainer(Guid containerId)
|
|
{
|
|
await svc.RemoveFavoriteContainerAsync(UserId, containerId);
|
|
return NoContent();
|
|
}
|
|
}
|
|
|
|
[ApiController]
|
|
[Route("v1/routes")]
|
|
public class RoutesController(CmsService svc) : ControllerBase
|
|
{
|
|
[HttpGet]
|
|
public async Task<IActionResult> List([FromQuery] Guid? tenantId = null) =>
|
|
Ok(await svc.GetRoutesAsync(tenantId));
|
|
|
|
[Authorize(Roles = "Admin")]
|
|
[HttpPost]
|
|
public async Task<IActionResult> Create([FromBody] UpsertRouteRequest req) =>
|
|
Ok(await svc.CreateRouteAsync(req));
|
|
|
|
[Authorize(Roles = "Admin")]
|
|
[HttpPut("{id:guid}")]
|
|
public async Task<IActionResult> Update(Guid id, [FromBody] UpsertRouteRequest req) =>
|
|
Ok(await svc.UpdateRouteAsync(id, req));
|
|
|
|
[Authorize(Roles = "Admin")]
|
|
[HttpDelete("{id:guid}")]
|
|
public async Task<IActionResult> Delete(Guid id)
|
|
{
|
|
await svc.DeleteRouteAsync(id);
|
|
return NoContent();
|
|
}
|
|
}
|