Backend: - Add MaintainerUserIds to PersonUpdateDto/PersonDetailedDto - Add MaintainedPersonNames to UserInfoDto - Add IPersonRepository.SetMaintainers + implementation - PersonRepository.Find/FindVisible now include Maintainers - PersonController.Update handles maintainer assignment (admin/curator) - Fix PersonController.Update to save Visibility field - Allow curators to list all users via UserController.GetAll Frontend (PersonForm): - Add maintainer search+select UI (admin/curator only in edit mode) - Search users client-side, click to add, badge with X to remove - Saves maintainer IDs on person update Frontend (CosplayerDetail): - Show 'Maintained by: user1, user2' in header with clickable links - Pass maintainer data to PersonForm Frontend (User page): - Show 'Maintainer of: cosplayer1, cosplayer2' with links - Non-admin view: strip Email, Created, Deleted fields - Fix LoadUser to use route UserId instead of logged-in user
201 lines
7.4 KiB
C#
201 lines
7.4 KiB
C#
using Butter.Dtos;
|
|
using Butter.Dtos.Person;
|
|
using Butter.Types;
|
|
using Lactose.Mapper;
|
|
using Lactose.Repositories;
|
|
using Lactose.Services;
|
|
using Microsoft.AspNetCore.Authorization;
|
|
using Microsoft.AspNetCore.Mvc;
|
|
|
|
namespace Lactose.Controllers;
|
|
|
|
/// <summary>
|
|
/// Manages people (faces/individuals identified in assets).
|
|
/// </summary>
|
|
[ApiController]
|
|
[Authorize]
|
|
[Route("api/[controller]")]
|
|
public class PersonController(
|
|
IPersonRepository personRepository,
|
|
IAlbumRepository albumRepository,
|
|
LactoseAuthService authService
|
|
) : ControllerBase {
|
|
/// <summary>
|
|
/// Gets a person by ID with their associated albums, filtered by access level.
|
|
/// </summary>
|
|
/// <summary>
|
|
/// Gets a person by ID with their associated albums, filtered by access level and paginated.
|
|
/// </summary>
|
|
/// <param name="id">The person ID.</param>
|
|
/// <param name="albumPaging">Pagination, search, and sort parameters for albums.</param>
|
|
/// <returns>The person details with albums, or 404 if not found.</returns>
|
|
[HttpGet("{id}")]
|
|
public ActionResult<PersonDetailedDto> Get([FromRoute] Guid id, [FromQuery] PagedSearchParametersDto albumPaging) {
|
|
var uid = authService.GetUserData(User)?.Id;
|
|
var accessLevel = authService.GetUserData(User)?.AccessLevel ?? EAccessLevel.User;
|
|
|
|
var person = personRepository.FindVisible(id, uid, accessLevel,
|
|
albumPaging.Search, albumPaging.SortBy, albumPaging.SortAsc,
|
|
albumPaging.Page, albumPaging.PageSize);
|
|
if (person == null) return NotFound();
|
|
|
|
return Ok(person.ToPersonDetailedDto(accessLevel));
|
|
}
|
|
|
|
/// <summary>
|
|
/// Searches people with pagination, optional search term, sort options, filtering out cosplayers with no visible content for non-admin users.
|
|
/// </summary>
|
|
/// <param name="pagedSearch">Pagination, search, and sort parameters.</param>
|
|
/// <returns>A paginated list of person previews.</returns>
|
|
[HttpGet]
|
|
public ActionResult<List<PersonPreviewDto>> GetAll([FromQuery] PersonSearchParametersDto pagedSearch) {
|
|
var uid = authService.GetUserData(User)?.Id;
|
|
var accessLevel = authService.GetUserData(User)?.AccessLevel ?? EAccessLevel.User;
|
|
|
|
if (pagedSearch.Page < 0 || pagedSearch.PageSize < 1 || pagedSearch.PageSize > PagedParametersDto.MaxPageSize) { return BadRequest(); }
|
|
|
|
var people = personRepository.SearchQuery(
|
|
pagedSearch.Search ?? string.Empty,
|
|
pagedSearch.Page,
|
|
pagedSearch.PageSize,
|
|
pagedSearch.SortBy,
|
|
pagedSearch.SortAsc,
|
|
uid ?? default,
|
|
accessLevel
|
|
).ToList();
|
|
return Ok(people);
|
|
}
|
|
|
|
/// <summary>
|
|
/// Updates a person.
|
|
/// </summary>
|
|
/// <param name="id">The person ID.</param>
|
|
/// <param name="dto">The updated person data.</param>
|
|
/// <returns>200 on success.</returns>
|
|
[HttpPost("{id}")]
|
|
[Authorize(Roles = "Maintainer,Curator,Admin")]
|
|
public IActionResult Update([FromRoute] Guid id, [FromBody] PersonUpdateDto dto) {
|
|
var uid = authService.GetUserData(User)?.Id;
|
|
var accessLevel = authService.GetUserData(User)?.AccessLevel ?? EAccessLevel.User;
|
|
|
|
var person = personRepository.Find(id);
|
|
if (person == null) return NotFound();
|
|
|
|
if (accessLevel == EAccessLevel.Maintainer) {
|
|
if (uid == null || !personRepository.IsMaintainerOf(uid.Value, id))
|
|
return Forbid();
|
|
}
|
|
|
|
person.Name = dto.Name;
|
|
person.ProfileAssetId = dto.ProfileAssetId;
|
|
person.ProfileCropX = dto.ProfileCropX;
|
|
person.ProfileCropY = dto.ProfileCropY;
|
|
person.ProfileCropZoom = dto.ProfileCropZoom;
|
|
|
|
if (dto.Visibility != null && accessLevel >= EAccessLevel.Maintainer)
|
|
person.Visibility = dto.Visibility.Value;
|
|
|
|
if (dto.MaintainerUserIds != null && accessLevel >= EAccessLevel.Curator)
|
|
personRepository.SetMaintainers(person.Id, dto.MaintainerUserIds);
|
|
|
|
person.UpdatedAt = DateTime.UtcNow;
|
|
|
|
personRepository.Save();
|
|
return Ok();
|
|
}
|
|
|
|
/// <summary>
|
|
/// Updates multiple people in a bulk operation.
|
|
/// </summary>
|
|
/// <param name="personBulkDto">The bulk update data.</param>
|
|
/// <returns>200 on success.</returns>
|
|
[HttpPost]
|
|
[Authorize(Roles = "Admin, Curator")]
|
|
public IActionResult BulkUpdate([FromBody] BulkDto<PersonUpdateDto> personBulkDto) {
|
|
var people = personRepository.FindBulk(personBulkDto.Ids).ToList();
|
|
|
|
foreach (var person in people) {
|
|
person.Name = personBulkDto.Data.Name;
|
|
person.ProfileAssetId = personBulkDto.Data.ProfileAssetId;
|
|
person.ProfileCropX = personBulkDto.Data.ProfileCropX;
|
|
person.ProfileCropY = personBulkDto.Data.ProfileCropY;
|
|
person.ProfileCropZoom = personBulkDto.Data.ProfileCropZoom;
|
|
person.UpdatedAt = DateTime.UtcNow;
|
|
}
|
|
|
|
personRepository.Save();
|
|
return Ok();
|
|
}
|
|
|
|
/// <summary>
|
|
/// Deletes a person by ID (soft delete).
|
|
/// </summary>
|
|
/// <param name="id">The person ID.</param>
|
|
/// <returns>200 on success, 404 if not found.</returns>
|
|
/// <summary>
|
|
/// Deletes a person by ID (hard delete). Cascades to unlink all associated albums.
|
|
/// </summary>
|
|
/// <returns>200 on success, 404 if not found.</returns>
|
|
[HttpDelete("{id}")]
|
|
[Authorize(Roles = "Admin, Curator")]
|
|
public IActionResult Delete([FromRoute] Guid id) {
|
|
var person = personRepository.Find(id);
|
|
if (person == null) return NotFound();
|
|
|
|
// Unlink all albums owned by this person
|
|
var albums = albumRepository.FindByPerson(id).ToList();
|
|
foreach (var album in albums) {
|
|
album.PersonOwnerId = null;
|
|
}
|
|
|
|
personRepository.Remove(person);
|
|
personRepository.Save();
|
|
return Ok();
|
|
}
|
|
|
|
/// <summary>
|
|
/// Deletes multiple people in a bulk operation.
|
|
/// </summary>
|
|
/// <param name="ids">The list of person IDs to delete.</param>
|
|
/// <returns>200 on success.</returns>
|
|
/// <summary>
|
|
/// Deletes multiple people in a bulk operation (hard delete). Cascades to unlink all associated albums.
|
|
/// </summary>
|
|
/// <returns>200 on success.</returns>
|
|
[HttpDelete]
|
|
[Authorize(Roles = "Admin, Curator")]
|
|
public IActionResult BulkDelete([FromBody] List<Guid> ids) {
|
|
var people = personRepository.FindBulk(ids).ToList();
|
|
|
|
foreach (var person in people) {
|
|
// Unlink all albums owned by this person
|
|
var albums = albumRepository.FindByPerson(person.Id).ToList();
|
|
foreach (var album in albums) {
|
|
album.PersonOwnerId = null;
|
|
}
|
|
personRepository.Remove(person);
|
|
}
|
|
|
|
personRepository.Save();
|
|
return Ok();
|
|
}
|
|
|
|
/// <summary>
|
|
/// Creates a new person.
|
|
/// </summary>
|
|
/// <param name="dto">The person creation data.</param>
|
|
/// <returns>200 with the new person ID.</returns>
|
|
[HttpPut]
|
|
[Authorize(Roles = "Admin, Curator")]
|
|
public ActionResult<Guid> Create([FromBody] PersonCreateDto dto) {
|
|
var person = new Models.Person {
|
|
Id = Guid.NewGuid(),
|
|
Name = dto.Name,
|
|
ProfileAssetId = dto.ProfileAssetId,
|
|
CreatedAt = DateTime.UtcNow
|
|
};
|
|
personRepository.Insert(person);
|
|
personRepository.Save();
|
|
return Ok(person.Id);
|
|
}
|
|
} |