Moonlight/Moonlight.Api/Http/Controllers/Admin/Users/UsersController.cs

using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;
using Moonlight.Api.Database;
using Moonlight.Api.Database.Entities;
using Moonlight.Api.Mappers;
using Moonlight.Shared;
using Moonlight.Shared.Http.Requests;
using Moonlight.Shared.Http.Requests.Users;
using Moonlight.Shared.Http.Responses;
using Moonlight.Shared.Http.Responses.Users;

namespace Moonlight.Api.Http.Controllers.Admin.Users;

[Authorize]
[ApiController]
[Route("api/admin/users")]
public class UsersController : Controller
{
    private readonly DatabaseRepository<User> UserRepository;

    public UsersController(DatabaseRepository<User> userRepository)
    {
        UserRepository = userRepository;
    }

    [HttpGet]
    [Authorize(Policy = Permissions.Users.View)]
    public async Task<ActionResult<PagedData<UserDto>>> GetAsync(
        [FromQuery] int startIndex,
        [FromQuery] int length,
        [FromQuery] FilterOptions? filterOptions
    )
    {
        // Validation
        if (startIndex < 0)
            return Problem("Invalid start index specified", statusCode: 400);

        if (length is < 1 or > 100)
            return Problem("Invalid length specified");

        // Query building
        
        var query = UserRepository
            .Query();

        // Filters
        if (filterOptions != null)
        {
            foreach (var filterOption in filterOptions.Filters)
            {
                query = filterOption.Key switch
                {
                    nameof(Database.Entities.User.Email) =>
                        query.Where(user => EF.Functions.ILike(user.Email, $"%{filterOption.Value}%")),

                    nameof(Database.Entities.User.Username) =>
                        query.Where(user => EF.Functions.ILike(user.Username, $"%{filterOption.Value}%")),

                    _ => query
                };
            }
        }

        // Pagination
        var data = await query
            .OrderBy(x => x.Id)
            .ProjectToDto()
            .Skip(startIndex)
            .Take(length)
            .ToArrayAsync();

        var total = await query.CountAsync();

        return new PagedData<UserDto>(data, total);
    }

    [HttpGet("{id:int}")]
    [Authorize(Policy = Permissions.Users.View)]
    public async Task<ActionResult<UserDto>> GetAsync([FromRoute] int id)
    {
        var user = await UserRepository
            .Query()
            .FirstOrDefaultAsync(x => x.Id == id);

        if (user == null)
            return Problem("No user with this id found", statusCode: 404);

        return UserMapper.ToDto(user);
    }

    [HttpPost]
    [Authorize(Policy = Permissions.Users.Create)]
    public async Task<ActionResult<UserDto>> CreateAsync([FromBody] CreateUserDto request)
    {
        var user = UserMapper.ToEntity(request);
        user.InvalidateTimestamp = DateTimeOffset.UtcNow.AddMinutes(-1);

        var finalUser = await UserRepository.AddAsync(user);

        return UserMapper.ToDto(finalUser);
    }

    [HttpPatch("{id:int}")]
    [Authorize(Policy = Permissions.Users.Edit)]
    public async Task<ActionResult<UserDto>> UpdateAsync([FromRoute] int id, [FromBody] UpdateUserDto request)
    {
        var user = await UserRepository
            .Query()
            .FirstOrDefaultAsync(x => x.Id == id);

        if (user == null)
            return Problem("No user with this id found", statusCode: 404);

        UserMapper.Merge(user, request);
        await UserRepository.UpdateAsync(user);

        return UserMapper.ToDto(user);
    }
}