From c0860b05d100b63e9961f9f3c539fa9d7545dbbc Mon Sep 17 00:00:00 2001
From: martinshoob
Date: Sun, 10 Aug 2025 13:55:20 +0200
Subject: [PATCH] Enable admin status management

Adds functionality to allow administrators to modify the admin status of other users. Introduces an endpoint for changing user admin status, accessible only to existing administrators. This change includes necessary services and request models to handle the logic.
---
 DrinkRateAPI/Controllers/AdminController.cs | 38 +++++++++++++++++++
 DrinkRateAPI/Program.cs | 3 ++
 .../Requests/ChangeUserAdminStatusRequest.cs | 7 ++++
 DrinkRateAPI/Services/UserProfileService.cs | 34 +++++++++++++++++
 4 files changed, 82 insertions(+)
 create mode 100644 DrinkRateAPI/Controllers/AdminController.cs
 create mode 100644 DrinkRateAPI/Requests/ChangeUserAdminStatusRequest.cs
 create mode 100644 DrinkRateAPI/Services/UserProfileService.cs

diff --git a/DrinkRateAPI/Controllers/AdminController.cs b/DrinkRateAPI/Controllers/AdminController.cs
new file mode 100644
index 0000000..6c42c67
--- /dev/null
+++ b/DrinkRateAPI/Controllers/AdminController.cs
@@ -0,0 +1,38 @@
+using DrinkRateAPI.Requests;
+using DrinkRateAPI.Services;
+using Microsoft.AspNetCore.Mvc;
+
+namespace DrinkRateAPI.Controllers;
+
+[ApiController]
+[Route("[controller]")]
+public class AdminController : ControllerBase
+{
+ private readonly ILogger _logger;
+ private readonly ApplicationUserService _applicationUserService;
+ private readonly UserProfileService _userProfileService;
+
+ public AdminController(ILogger logger, ApplicationUserService applicationUserService,
+ UserProfileService userProfileService)
+ {
+ _logger = logger;
+ _applicationUserService = applicationUserService;
+ _userProfileService = userProfileService;
+ }
+
+ [HttpPut]
+ [Route("[action]")]
+ [Produces("application/json")]
+ public async Task PutUserAdminStatus([FromBody] ChangeUserAdminStatusRequest request)
+ {
+ var userProfile = await _applicationUserService.UserProfileByApplicationUserAsync(User);
+ if (!_userProfileService.IsUserProfileAdmin(userProfile))
+ {
+ return Unauthorized();
+ }
+
+ var changedProfile = _userProfileService.ChangeUserAdminStatus(request.UserId, request.ChangeStatusTo);
+
+ return Ok(changedProfile);
+ }
+}
diff --git a/DrinkRateAPI/Program.cs b/DrinkRateAPI/Program.cs
index 1faf6d8..acdcb89 100644
--- a/DrinkRateAPI/Program.cs
+++ b/DrinkRateAPI/Program.cs
@@ -1,5 +1,6 @@
 using DrinkRateAPI.Contexts;
 using DrinkRateAPI.DbEntities;
+using DrinkRateAPI.Services;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.OpenApi.Models;
@@ -50,6 +51,8 @@ builder.Services.AddSwaggerGen(c =>
 });
 builder.Services.AddDbContext();
+builder.Services.AddScoped();
+builder.Services.AddScoped();
 var app = builder.Build();
diff --git a/DrinkRateAPI/Requests/ChangeUserAdminStatusRequest.cs b/DrinkRateAPI/Requests/ChangeUserAdminStatusRequest.cs
new file mode 100644
index 0000000..03ac6f2
--- /dev/null
+++ b/DrinkRateAPI/Requests/ChangeUserAdminStatusRequest.cs
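Review bot: In AdminController.cs, the only gate on `PutUserAdminStatus` is the `IsUserProfileAdmin` check inside the action body; no `[Authorize]` attribute is visible on the class or the action, so what an unauthenticated caller gets depends entirely on how `UserProfileByApplicationUserAsync(User)` behaves for an anonymous principal, which this patch does not show. Declaring the requirement on the controller keeps any action added here later from shipping unguarded, and an authenticated non-admin should receive `Forbid()` (403) rather than `Unauthorized()` (401, which means "not authenticated"). The injected `_logger` is never used, although a privilege change is exactly the event worth an audit record naming the acting profile, the target and the new value. Returning the whole `DbUserProfile` entity from `Ok(changedProfile)` may also expose more fields than the caller needs; a small response model would bound that, though the entity's shape is not visible here.

```csharp
[Authorize] // added on the class, beside [ApiController]
// … unchanged: fields, constructor, route attributes, signature, profile lookup …
        if (!_userProfileService.IsUserProfileAdmin(userProfile))
        {
            _logger.LogWarning("Denied admin-status change requested by profile {ActorId}", userProfile.Id);
            return Forbid();
        }

        var changedProfile = _userProfileService.ChangeUserAdminStatus(request.UserId, request.ChangeStatusTo);
        _logger.LogInformation("Profile {ActorId} set IsAdmin={IsAdmin} for profile {TargetId}",
            userProfile.Id, request.ChangeStatusTo, changedProfile.Id);
        // … unchanged: return Ok(changedProfile) …
```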
@@ -0,0 +1,7 @@
+namespace DrinkRateAPI.Requests;
+
+public class ChangeUserAdminStatusRequest
+{
+ public required string UserId { get; set; }
+ public bool ChangeStatusTo { get; set; }
+}
\ No newline at end of file
diff --git a/DrinkRateAPI/Services/UserProfileService.cs b/DrinkRateAPI/Services/UserProfileService.cs
new file mode 100644
index 0000000..7daa187
--- /dev/null
+++ b/DrinkRateAPI/Services/UserProfileService.cs
@@ -0,0 +1,34 @@
+using System.Security.Claims;
+using DrinkRateAPI.Contexts;
+using DrinkRateAPI.DbEntities;
+using DrinkRateAPI.Exceptions;
+using Microsoft.EntityFrameworkCore;
+
+namespace DrinkRateAPI.Services;
+
+public class UserProfileService(ApplicationDbContext context)
+{
+ private ApplicationDbContext _context = context;
+
+ public bool IsUserProfileAdmin(DbUserProfile userProfile)
+ {
+ return userProfile.IsAdmin;
+ }
+
+ public DbUserProfile ChangeUserAdminStatus(string userId, bool changeStatusTo)
+ {
+ var userProfile = GetUserProfileById(userId);
+ userProfile.IsAdmin = changeStatusTo;
+ _context.UserProfiles.Update(userProfile);
+ _context.SaveChanges();
+
+ return userProfile;
+ }
+
+ public DbUserProfile GetUserProfileById(string userId)
+ {
+ var userProfile = _context.UserProfiles.FirstOrDefault(x => x.Id.ToString() == userId);
+
+ return userProfile ?? throw new KeyNotFoundException($"User with ID {userId} not found");
+ }
+}
\ No newline at end of file
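Review bot: In ChangeUserAdminStatusRequest.cs, `ChangeStatusTo` is a plain `bool`, so a request body that omits the field deserializes to `false` and silently revokes the target's admin flag. The class already marks `UserId` as `required`; doing the same here, `public required bool ChangeStatusTo { get; set; }`, should make an incomplete body fail deserialization (System.Text.Json honours `required` from .NET 7) instead of being treated as a demotion. If the profile key is a GUID on the entity side, which this patch does not show, typing `UserId` as `Guid` would also let model binding reject malformed IDs before they reach the service.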
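Review bot: In UserProfileService.cs, `ChangeUserAdminStatus` applies whatever value it is given with no invariant check, so an administrator can clear their own flag or that of the last remaining admin and leave nobody able to reach the endpoint. A guard before the assignment would close that, for example `if (!changeStatusTo && userProfile.IsAdmin && _context.UserProfiles.Count(x => x.IsAdmin) <= 1) throw new InvalidOperationException("Cannot remove the last administrator");`. In `GetUserProfileById`, `x.Id.ToString() == userId` compares text rather than the key type; if `Id` is a `Guid` (not shown here), parsing once with `Guid.TryParse` and comparing `x.Id == id` rejects malformed input early and avoids casing mismatches. The `KeyNotFoundException` for an unknown ID is not caught by `PutUserAdminStatus`, so unless exception-handling middleware exists elsewhere the caller gets a 500 rather than a 404. Smaller points: `_context.UserProfiles.Update(userProfile)` is redundant for an entity just loaded from the same context, `_context` can be `readonly`, and a doc comment on `ChangeUserAdminStatus` should state that it performs no authorization itself and relies on the caller.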