Chris Chen
52 lines
2.6 KiB
C#
52 lines
2.6 KiB
C#
using Microsoft.AspNetCore.Authorization;
|
|
using Microsoft.AspNetCore.Mvc;
|
|
using ROLAC.API.Authorization;
|
|
using ROLAC.API.DTOs.Expense;
|
|
using ROLAC.API.Services;
|
|
|
|
namespace ROLAC.API.Controllers;
|
|
|
|
[ApiController]
|
|
[Route("api/expense-categories")]
|
|
[Authorize] // read (GetAll) is open to any authenticated user — the member self-service
|
|
// reimbursement form needs the category list. Write actions are finance-only below.
|
|
public class ExpenseCategoriesController : ControllerBase
|
|
{
|
|
private readonly IExpenseCategoryService _svc;
|
|
public ExpenseCategoriesController(IExpenseCategoryService svc) => _svc = svc;
|
|
|
|
[HttpGet]
|
|
public async Task<IActionResult> GetAll([FromQuery] bool includeInactive = false)
|
|
=> Ok(await _svc.GetAllAsync(includeInactive));
|
|
|
|
[HttpPost("groups")]
|
|
[HasPermission(Modules.ExpenseCategories, PermissionActions.Write)]
|
|
public async Task<IActionResult> CreateGroup([FromBody] CreateExpenseGroupRequest r)
|
|
=> Ok(new { id = await _svc.CreateGroupAsync(r) });
|
|
|
|
[HttpPut("groups/{id:int}")]
|
|
[HasPermission(Modules.ExpenseCategories, PermissionActions.Write)]
|
|
public async Task<IActionResult> UpdateGroup(int id, [FromBody] UpdateExpenseGroupRequest r)
|
|
{ try { await _svc.UpdateGroupAsync(id, r); return NoContent(); } catch (KeyNotFoundException) { return NotFound(); } }
|
|
|
|
[HttpDelete("groups/{id:int}")]
|
|
[HasPermission(Modules.ExpenseCategories, PermissionActions.Delete)]
|
|
public async Task<IActionResult> DeactivateGroup(int id)
|
|
{ try { await _svc.DeactivateGroupAsync(id); return NoContent(); } catch (KeyNotFoundException) { return NotFound(); } }
|
|
|
|
[HttpPost("subcategories")]
|
|
[HasPermission(Modules.ExpenseCategories, PermissionActions.Write)]
|
|
public async Task<IActionResult> CreateSub([FromBody] CreateExpenseSubCategoryRequest r)
|
|
{ try { return Ok(new { id = await _svc.CreateSubCategoryAsync(r) }); } catch (KeyNotFoundException) { return NotFound(); } }
|
|
|
|
[HttpPut("subcategories/{id:int}")]
|
|
[HasPermission(Modules.ExpenseCategories, PermissionActions.Write)]
|
|
public async Task<IActionResult> UpdateSub(int id, [FromBody] UpdateExpenseSubCategoryRequest r)
|
|
{ try { await _svc.UpdateSubCategoryAsync(id, r); return NoContent(); } catch (KeyNotFoundException) { return NotFound(); } }
|
|
|
|
[HttpDelete("subcategories/{id:int}")]
|
|
[HasPermission(Modules.ExpenseCategories, PermissionActions.Delete)]
|
|
public async Task<IActionResult> DeactivateSub(int id)
|
|
{ try { await _svc.DeactivateSubCategoryAsync(id); return NoContent(); } catch (KeyNotFoundException) { return NotFound(); } }
|
|
}
|