using GameList.Data;
using GameList.Contracts;
using Microsoft.AspNetCore.Mvc;
using GameList.Infrastructure;

namespace GameList.Endpoints;

/// <summary>
/// Registers the administrative HTTP routes served under <c>/api/admin</c>.
/// </summary>
public static class AdminEndpoints
{
    /// <summary>
    /// Maps every admin route onto a single route group, so that authorization,
    /// rate limiting and the endpoint filter are declared once for all of them.
    /// Each handler forwards to <c>AdminWorkflowService</c> and converts the
    /// service result with <c>ToHttpResult(Results.Ok)</c>.
    /// </summary>
    /// <param name="app">Route builder the <c>/api/admin</c> group is added to.</param>
    public static void MapAdminEndpoints(this IEndpointRouteBuilder app)
    {
        // RequireAuthorization() without a policy name applies the application's default
        // authorization policy; on its own it does not show that the caller is an admin.
        // NOTE(review): AddEndpointFilter() appears here with neither a type argument nor a
        // delegate. The generic argument was probably lost when this listing was extracted.
        // Confirm which filter is registered and that it enforces the admin role, since the
        // first five routes below perform no per-handler caller check of their own.
        var adminGroup = app.MapGroup("/api/admin")
            .RequireAuthorization()
            .RequireRateLimiting("admin-sensitive")
            .AddEndpointFilter();

        // Opens or closes the results according to the flag in the request body.
        adminGroup.MapPost("/results", async ([FromBody] ResultsOpenRequest request, AdminWorkflowService service) =>
            (await service.SetResultsOpenAsync(request.ResultsOpen)).ToHttpResult(Results.Ok));

        // Read-only: reports the current vote status.
        adminGroup.MapGet("/vote-status", async (AdminWorkflowService service) =>
            (await service.GetVoteStatusAsync()).ToHttpResult(Results.Ok));

        // Grants a joker to the player named in the request body.
        adminGroup.MapPost("/joker", async ([FromBody] GrantJokerRequest request, AdminWorkflowService service) =>
            (await service.GrantJokerAsync(request.PlayerId)).ToHttpResult(Results.Ok));

        // Sets the phase of the player named in the request body.
        adminGroup.MapPost("/player-phase", async ([FromBody] SetPlayerPhaseRequest request, AdminWorkflowService service) =>
            (await service.SetPlayerPhaseAsync(request.PlayerId, request.Phase)).ToHttpResult(Results.Ok));

        // Sets or clears the admin flag of the player named in the request body.
        // NOTE(review): this is a privilege change, yet unlike the delete and reset routes it
        // passes neither the acting player's id nor a password to the service. Confirm that
        // the service can still attribute the change to an actor, and decide whether it should
        // get the same confirmation as those routes.
        adminGroup.MapPost("/player-admin", async ([FromBody] SetPlayerAdminRequest request, AdminWorkflowService service) =>
            (await service.SetPlayerAdminAsync(request.PlayerId, request.IsAdmin)).ToHttpResult(Results.Ok));

        // Deletes a player. The password travels in the request body rather than the URL.
        // It is handed to the service together with the acting player's id, presumably so the
        // service can re-verify the admin before deleting (confirm in AdminWorkflowService).
        // NOTE(review): some HTTP clients and intermediaries drop bodies on DELETE requests;
        // verify the deployed path preserves them.
        adminGroup.MapDelete("/players/{playerId:guid}", async (Guid playerId, [FromBody] AdminPasswordRequest request, HttpContext ctx, AppDbContext db, AdminWorkflowService service) =>
        {
            // Resolve the acting player; a null result gets the shared unauthorized response.
            var caller = await EndpointHelpers.GetAuthenticatedPlayer(ctx, db);
            if (caller is null)
            {
                return EndpointHelpers.UnauthorizedError();
            }

            var outcome = await service.DeletePlayerAsync(playerId, caller.Id, request.Password, ctx);
            return outcome.ToHttpResult(Results.Ok);
        });

        // Links one suggestion to another on behalf of the acting player.
        adminGroup.MapPost("/link-suggestions", async ([FromBody] LinkSuggestionsRequest request, HttpContext ctx, AppDbContext db, AdminWorkflowService service) =>
        {
            var caller = await EndpointHelpers.GetAuthenticatedPlayer(ctx, db);
            if (caller is null)
            {
                return EndpointHelpers.UnauthorizedError();
            }

            var outcome = await service.LinkSuggestionsAsync(caller.Id, request.SourceSuggestionId, request.TargetSuggestionId);
            return outcome.ToHttpResult(Results.Ok);
        });

        // Removes the link of a suggestion on behalf of the acting player.
        adminGroup.MapPost("/unlink-suggestions", async ([FromBody] UnlinkSuggestionsRequest request, HttpContext ctx, AppDbContext db, AdminWorkflowService service) =>
        {
            var caller = await EndpointHelpers.GetAuthenticatedPlayer(ctx, db);
            if (caller is null)
            {
                return EndpointHelpers.UnauthorizedError();
            }

            var outcome = await service.UnlinkSuggestionsAsync(caller.Id, request.SuggestionId);
            return outcome.ToHttpResult(Results.Ok);
        });

        // Reset: forwards the acting player's id, the supplied password and the HttpContext.
        adminGroup.MapPost("/reset", async ([FromBody] AdminPasswordRequest request, HttpContext ctx, AppDbContext db, AdminWorkflowService service) =>
        {
            var caller = await EndpointHelpers.GetAuthenticatedPlayer(ctx, db);
            if (caller is null)
            {
                return EndpointHelpers.UnauthorizedError();
            }

            var outcome = await service.ResetAsync(caller.Id, request.Password, ctx);
            return outcome.ToHttpResult(Results.Ok);
        });

        // Factory reset: same shape as /reset, forwarding the acting player's id and password.
        adminGroup.MapPost("/factory-reset", async ([FromBody] AdminPasswordRequest request, HttpContext ctx, AppDbContext db, AdminWorkflowService service) =>
        {
            var caller = await EndpointHelpers.GetAuthenticatedPlayer(ctx, db);
            if (caller is null)
            {
                return EndpointHelpers.UnauthorizedError();
            }

            var outcome = await service.FactoryResetAsync(caller.Id, request.Password, ctx);
            return outcome.ToHttpResult(Results.Ok);
        });
    }
}