DoroBooks

.gitignore

@@ -0,0 +1,9 @@
+bin/
+obj/
+x64/
+x86/
+[Bb]in/
+[Oo]bj/
+[Oo]ut/
+*.log
+*.nupkg

Controllers/book/BookController.cs

@@ -0,0 +1,111 @@
+using api.Model;
+using api.Repositories.book;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+
+namespace api.Controllers.book
+{
+    [Route("api/[controller]")]
+    [ApiController]
+    public class BookController : ControllerBase
+    {
+        private readonly IBookRepository _bookRepository;
+
+        public BookController(IBookRepository bookRepository)
+        {
+            _bookRepository = bookRepository;
+        }
+
+        /// <summary>
+        /// Get all books in asceding order. Any user can submit this request.
+        /// </summary>
+        [HttpGet]
+        [AllowAnonymous]
+        public async Task<ActionResult<IEnumerable<Book>>> GetBooks(int pageNumber = 1, int pageSize = 10, string orderBy = "id", string search = "")
+        {
+            var books = await _bookRepository.Get(pageNumber, pageSize, orderBy, search);
+
+            if (books == null || !books.Any())
+                return NotFound();
+
+            return Ok(books);
+        }
+
+        /// <summary>
+        /// Get book by Id. Any user can submit this request.
+        /// </summary>
+        /// <param name="Id"></param>
+        [HttpGet("{Id}")]
+        [AllowAnonymous]
+        public async Task<ActionResult<Book>> GetBookById([FromRoute] int Id)
+        {
+            var book = await _bookRepository.Get(Id);
+            if (book == null) return NotFound();
+
+            return Ok(book);
+        }
+
+        /// <summary>
+        /// Create book. Only users with ADMIN and EMPLOYEE privileges can make this request.
+        /// </summary>
+        /// <param name="book"></param>
+        /// <returns></returns>
+        [HttpPost]
+        [Authorize(Roles = "ADMIN,EMPLOYEE")]
+        public async Task<ActionResult<Book>> CreateBook([FromBody] Book book)
+        {
+            if (!ModelState.IsValid)
+                return BadRequest(ModelState);
+
+            var existingBook = await _bookRepository.Get(book.Author, book.Title);
+
+            if (existingBook != null)
+            {
+                return BadRequest(new { message = "A book with the same author and title already exists" });
+            }
+
+            var createBook = await _bookRepository.Post(book);
+            return CreatedAtAction(nameof(GetBookById), new { id = createBook.Id }, createBook);
+        }
+
+        /// <summary>
+        /// Update Book. Only users with ADMIN and EMPLOYEE privileges can make this request.
+        /// </summary>
+        /// <param name="Id"></param>
+        /// <param name="book"></param>
+        [HttpPut("{Id}")]
+        [Authorize(Roles = "ADMIN,EMPLOYEE")]
+        public async Task<ActionResult> UpdateBook([FromRoute] int Id, [FromBody] Book book)
+        {
+            if (Id != book.Id)
+                return BadRequest(StatusCode(400));
+
+            var existingBook = await _bookRepository.Get(Id);
+            if (existingBook == null)
+                return NotFound();
+
+            await _bookRepository.Put(book);
+            return NoContent();
+        }
+
+        /// <summary>
+        /// Delete Books. Only users with ADMIN privileges can make this request.
+        /// </summary>
+        /// <param name="Id"></param>
+        [HttpDelete("{Id}")]
+        [Authorize(Roles = "ADMIN")]
+        public async Task<ActionResult> DeleteBook([FromRoute] int Id)
+        {
+            var book = await _bookRepository.Get(Id);
+            if (book == null)
+                return NotFound();
+
+            await _bookRepository.Delete(book.Id);
+            return NoContent();
+
+        }
+    }
+}

Controllers/category/CategoryController.cs

@@ -0,0 +1,36 @@
+using api.Model;
+using api.Repositories.category;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using System.Threading.Tasks;
+
+namespace api.Controllers.category
+{
+
+    [Route("api/[controller]")]
+    [ApiController]
+    public class CategoryController : ControllerBase
+    {
+        private readonly ICategoryRepository _categoryRepository;
+
+        public CategoryController(ICategoryRepository categoryRepository)
+        {
+            _categoryRepository = categoryRepository;
+        }
+
+        /// <summary>
+        /// Create Category. Only users with ADMIN privileges can make this request.
+        /// </summary>
+        /// <param name="category"></param>
+        [HttpPost]
+        [Authorize(Roles = "ADMIN, EMPLOYEE")]
+        public async Task<ActionResult<Category>> CreateCategory([FromBody] Category category)
+        {
+            if (!ModelState.IsValid)
+                return BadRequest(ModelState);
+
+            var createCategory = await _categoryRepository.Post(category);
+            return CreatedAtAction(nameof(CreateCategory), new { id = createCategory.Id }, createCategory);
+        }
+    }
+}

Controllers/user/UserController.cs

@@ -0,0 +1,98 @@
+using api.Model;
+using api.Repositories.user;
+using api.Services;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using System.Collections;
+using System.Collections.Generic;
+using System.Threading.Tasks;
+
+namespace api.Controllers.user
+{
+    [Route("api/")]
+    [ApiController]
+    public class UserController : ControllerBase
+    {
+
+        private readonly IUserRepository _userRepository;
+        private readonly TokenService _tokenService;
+
+        public UserController(IUserRepository userRepository, TokenService tokenService)
+        {
+            _userRepository = userRepository;
+            _tokenService = tokenService;
+        }
+
+        /// <summary>
+        /// Register User. Any user can submit this request.
+        /// </summary>
+        /// <param name="users"></param>
+        [HttpPost("register")]
+        [AllowAnonymous]
+        public async Task<IActionResult> Register([FromBody] Users users)
+        {
+            var existingUser = await _userRepository.Get(users.Id);
+
+            if (existingUser != null)
+            {
+                return BadRequest(new { message = "user already exists" });
+            }
+
+            var user = new Users
+            {
+                Username = users.Username,
+                Password = users.Password,
+                Role = users.Role,
+            };
+
+            if (!ModelState.IsValid)
+                return BadRequest(ModelState);
+
+            if (string.IsNullOrEmpty(users.Username))
+                return StatusCode(400, new { message = "Username is null. please, enter a user to create your credentials." });
+
+            user.Password = "";
+
+            var token = _tokenService.GenerateToken(user);
+
+            return Ok(new { user, token });
+        }
+
+        /// <summary>
+        /// Login. Any user can submit this request.
+        /// </summary>
+        /// <param name="login"></param>
+        [HttpPost("login")]
+        [AllowAnonymous]
+        public async Task<ActionResult<Users>> Login([FromBody] Login login)
+        {
+            var user = await _userRepository.Get(login.Username, login.Password);
+
+            if (user == null)
+                return StatusCode(404, new { message = "User not found!" });
+
+            if (string.IsNullOrEmpty(user.Username))
+                return StatusCode(500, new { message = "Username is null or empty!" });
+
+            var token = _tokenService.GenerateToken(user);
+
+            user.Password = "";
+
+            return Ok(new { user, token });
+        }
+
+        /// <summary>
+        /// Get all users. Only users with ADMIN privileges can make this request.
+        /// </summary>
+        [HttpGet("users")]
+        [Authorize(Roles = "ADMIN")]
+        public async Task<ActionResult<IEnumerable<Users>>> GetUsers()
+        {
+            var user = await _userRepository.Get();
+            if (user == null)
+                return NotFound();
+
+            return Ok(user);
+        }
+    }
+}