LingAdmin/Backend/Services/AuthorizationService/LingAdmin.AuthorizationService/Controllers/RolesController.cs

using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Authorization;
using LingAdmin.AuthorizationService.Services;
using LingAdmin.Shared.DTOs;

namespace LingAdmin.AuthorizationService.Controllers;

/// <summary>
/// 角色管理控制器
/// </summary>
[ApiController]
[Route("api/[controller]")]
[Authorize(Roles = "Admin,SuperAdmin")]
public class RolesController : ControllerBase
{
    private readonly IRoleService _roleService;
    private readonly ILogger<RolesController> _logger;

    public RolesController(IRoleService roleService, ILogger<RolesController> logger)
    {
        _roleService = roleService;
        _logger = logger;
    }

    /// <summary>
    /// 获取所有角色
    /// </summary>
    [HttpGet]
    public async Task<ActionResult<ApiResponse<IEnumerable<RoleDto>>>> GetRoles()
    {
        var roles = await _roleService.GetAllRolesAsync();
        return Ok(ApiResponse<IEnumerable<RoleDto>>.Ok(roles));
    }

    /// <summary>
    /// 获取单个角色
    /// </summary>
    [HttpGet("{id}")]
    public async Task<ActionResult<ApiResponse<RoleDto>>> GetRole(int id)
    {
        var role = await _roleService.GetRoleByIdAsync(id);
        
        if (role == null)
        {
            return NotFound(ApiResponse<RoleDto>.NotFound("Role not found"));
        }

        return Ok(ApiResponse<RoleDto>.Ok(role));
    }

    /// <summary>
    /// 创建角色
    /// </summary>
    [HttpPost]
    public async Task<ActionResult<ApiResponse<RoleDto>>> CreateRole([FromBody] CreateRoleRequest request)
    {
        try
        {
            // Check if code already exists
            var existing = await _roleService.GetRoleByCodeAsync(request.Code);
            if (existing != null)
            {
                return BadRequest(ApiResponse<RoleDto>.Error("Role with this code already exists"));
            }

            var role = await _roleService.CreateRoleAsync(request);
            return CreatedAtAction(nameof(GetRole), new { id = role.Id }, 
                ApiResponse<RoleDto>.Created(role, "Role created successfully"));
        }
        catch (Exception ex)
        {
            _logger.LogError(ex, "Error creating role");
            return StatusCode(500, ApiResponse<RoleDto>.Error("Failed to create role", 500));
        }
    }

    /// <summary>
    /// 更新角色
    /// </summary>
    [HttpPut("{id}")]
    public async Task<ActionResult<ApiResponse<RoleDto>>> UpdateRole(int id, [FromBody] UpdateRoleRequest request)
    {
        try
        {
            var role = await _roleService.UpdateRoleAsync(id, request);
            
            if (role == null)
            {
                return NotFound(ApiResponse<RoleDto>.NotFound("Role not found"));
            }

            return Ok(ApiResponse<RoleDto>.Ok(role, "Role updated successfully"));
        }
        catch (InvalidOperationException ex)
        {
            return BadRequest(ApiResponse<RoleDto>.Error(ex.Message));
        }
        catch (Exception ex)
        {
            _logger.LogError(ex, "Error updating role");
            return StatusCode(500, ApiResponse<RoleDto>.Error("Failed to update role", 500));
        }
    }

    /// <summary>
    /// 删除角色
    /// </summary>
    [HttpDelete("{id}")]
    [Authorize(Roles = "SuperAdmin")]
    public async Task<ActionResult<ApiResponse<object>>> DeleteRole(int id)
    {
        try
        {
            var result = await _roleService.DeleteRoleAsync(id);
            
            if (!result)
            {
                return NotFound(ApiResponse<object>.NotFound("Role not found"));
            }

            return Ok(ApiResponse<object>.Ok(new { }, "Role deleted successfully"));
        }
        catch (InvalidOperationException ex)
        {
            return BadRequest(ApiResponse<object>.Error(ex.Message));
        }
        catch (Exception ex)
        {
            _logger.LogError(ex, "Error deleting role");
            return StatusCode(500, ApiResponse<object>.Error("Failed to delete role", 500));
        }
    }

    /// <summary>
    /// 分配角色给用户
    /// </summary>
    [HttpPost("assign")]
    public async Task<ActionResult<ApiResponse<object>>> AssignRoles([FromBody] AssignRolesRequest request)
    {
        try
        {
            var result = await _roleService.AssignRolesToUserAsync(request.UserId, request.RoleIds);
            return Ok(ApiResponse<object>.Ok(new { }, "Roles assigned successfully"));
        }
        catch (Exception ex)
        {
            _logger.LogError(ex, "Error assigning roles");
            return StatusCode(500, ApiResponse<object>.Error("Failed to assign roles", 500));
        }
    }

    /// <summary>
    /// 获取用户的角色
    /// </summary>
    [HttpGet("user/{userId}")]
    public async Task<ActionResult<ApiResponse<IEnumerable<string>>>> GetUserRoles(int userId)
    {
        var roles = await _roleService.GetUserRolesAsync(userId);
        return Ok(ApiResponse<IEnumerable<string>>.Ok(roles));
    }

    /// <summary>
    /// 移除用户的角色
    /// </summary>
    [HttpPost("revoke")]
    public async Task<ActionResult<ApiResponse<object>>> RevokeRoles([FromBody] AssignRolesRequest request)
    {
        try
        {
            var result = await _roleService.RemoveRolesFromUserAsync(request.UserId, request.RoleIds);
            return Ok(ApiResponse<object>.Ok(new { }, "Roles revoked successfully"));
        }
        catch (Exception ex)
        {
            _logger.LogError(ex, "Error revoking roles");
            return StatusCode(500, ApiResponse<object>.Error("Failed to revoke roles", 500));
        }
    }
}