soroushdes/flatrender
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3091911260e2d00e22359e7fd2543e909da7bd74
flatrender/services/identity/FlatRender.IdentitySvc/Controllers/UsersController.cs
T
soroush.asadi 3091911260
Build backend images / build content-svc (push) Failing after 1s
Details
Build backend images / build file-svc (push) Failing after 1s
Details
Build backend images / build gateway (push) Failing after 0s
Details
Build backend images / build identity-svc (push) Failing after 0s
Details
Build backend images / build notification-svc (push) Failing after 1s
Details
Build backend images / build render-svc (push) Failing after 1s
Details
Build backend images / build studio-svc (push) Failing after 1s
Details
feat(admin): affiliate/personal discounts, user-videos, internal routes, authz 
Closes the remaining legacy-admin gaps:
- Users «مدیریت» modal: create personal discount or affiliate code (owner_user_id +
  owner_profit_percentage on existing /v1/discounts), and view the user's saved
  projects ("videos") via new admin GET /v1/saved-projects/by-user/{id} (studio)
- Internal routes admin (/admin/routes): CRUD on content.internal_routes
  (RoutesController + CmsService + gateway /v1/routes/*)
- Security: lock identity UsersController Search + Ban to [Authorize(Roles="Admin")]

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-02 22:42:01 +03:30

64 lines
2.3 KiB
C#
Raw Blame History

using FlatRender.IdentitySvc.Application.Services.Interfaces;
using FlatRender.IdentitySvc.Models.Requests;
using FlatRender.IdentitySvc.Models.Responses;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
namespace FlatRender.IdentitySvc.Controllers;
[ApiController]
[Route("v1/users")]
[Authorize]
public class UsersController(IUserService userService) : ControllerBase
{
[HttpGet("me")]
[ProducesResponseType(typeof(UserResponse), 200)]
public async Task<IActionResult> GetMe()
=> Ok(await userService.GetMeAsync(GetUserId()));
[HttpPatch("me")]
[ProducesResponseType(typeof(UserResponse), 200)]
public async Task<IActionResult> UpdateMe([FromBody] UpdateUserRequest request)
=> Ok(await userService.UpdateMeAsync(GetUserId(), request));
[HttpGet("me/balance")]
[ProducesResponseType(typeof(BalanceResponse), 200)]
public async Task<IActionResult> GetBalance()
=> Ok(await userService.GetBalanceAsync(GetUserId()));
[HttpPost("me/avatar")]
public async Task<IActionResult> SetAvatar([FromBody] SetAvatarRequest request)
{
await userService.UpdateAvatarAsync(GetUserId(), request.AvatarId, request.AvatarUrl);
return Ok();
}
[HttpGet("{userId:guid}")]
[ProducesResponseType(typeof(UserResponse), 200)]
[ProducesResponseType(404)]
public async Task<IActionResult> GetById(Guid userId)
=> Ok(await userService.GetByIdAsync(userId));
[HttpGet]
[Authorize(Roles = "Admin")]
[ProducesResponseType(typeof(PagedResponse<UserResponse>), 200)]
public async Task<IActionResult> Search(
[FromQuery] string? q,
[FromQuery] Guid? tenantId,
[FromQuery] int page = 1,
[FromQuery] int pageSize = 20)
=> Ok(await userService.SearchAsync(q, tenantId, page, pageSize));
[HttpPost("{userId:guid}/ban")]
[Authorize(Roles = "Admin")]
[ProducesResponseType(204)]
public async Task<IActionResult> Ban(Guid userId, [FromBody] BanUserRequest request)
{
await userService.BanAsync(userId, request.Reason, request.UnblockDate);
return NoContent();
}
private Guid GetUserId() => Guid.Parse(User.FindFirst(System.Security.Claims.ClaimTypes.NameIdentifier)?.Value
?? User.FindFirst("sub")?.Value ?? throw new UnauthorizedAccessException());
}
Reference in New Issue View Git Blame Copy Permalink