corrosion-admin-panel/backend-nest/src/modules/team/team.controller.ts

import {
  Controller,
  Get,
  Post,
  Put,
  Delete,
  Body,
  Param,
  UseGuards,
} from '@nestjs/common';
import {
  ApiTags,
  ApiBearerAuth,
  ApiOperation,
  ApiResponse,
} from '@nestjs/swagger';
import { JwtAuthGuard } from '../../common/guards/jwt-auth.guard';
import { CurrentTenant } from '../../common/decorators/current-tenant.decorator';
import { CurrentUser } from '../../common/decorators/current-user.decorator';
import { RequirePermission } from '../../common/decorators/require-permission.decorator';
import { TeamService } from './team.service';
import { InviteMemberDto } from './dto/invite-member.dto';
import { CreateRoleDto } from './dto/create-role.dto';
import { UpdateRoleDto } from './dto/update-role.dto';

@ApiTags('team')
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@Controller('team')
export class TeamController {
  constructor(private readonly teamService: TeamService) {}

  @Get()
  @RequirePermission('team.view')
  @ApiOperation({
    summary: 'Get team members and roles',
    description: 'Returns all team members with their roles and all available roles',
  })
  @ApiResponse({
    status: 200,
    description: 'Team data retrieved successfully',
  })
  async getTeam(@CurrentTenant() licenseId: string) {
    return await this.teamService.getTeam(licenseId);
  }

  @Post('invite')
  @RequirePermission('team.manage')
  @ApiOperation({
    summary: 'Invite a team member',
    description: 'Invite a user by email and assign them a role',
  })
  @ApiResponse({
    status: 201,
    description: 'Team member invited successfully',
  })
  @ApiResponse({
    status: 404,
    description: 'User not found',
  })
  @ApiResponse({
    status: 409,
    description: 'User already a team member',
  })
  async inviteMember(
    @CurrentTenant() licenseId: string,
    @CurrentUser('sub') userId: string,
    @Body() dto: InviteMemberDto,
  ) {
    return await this.teamService.inviteMember(licenseId, userId, dto);
  }

  @Delete(':id')
  @RequirePermission('team.manage')
  @ApiOperation({
    summary: 'Remove a team member',
    description: 'Remove a team member by ID',
  })
  @ApiResponse({
    status: 200,
    description: 'Team member removed successfully',
  })
  @ApiResponse({
    status: 404,
    description: 'Team member not found',
  })
  async removeMember(
    @CurrentTenant() licenseId: string,
    @Param('id') memberId: string,
  ) {
    return await this.teamService.removeMember(licenseId, memberId);
  }

  @Post('roles')
  @RequirePermission('team.manage')
  @ApiOperation({
    summary: 'Create a custom role',
    description: 'Create a new custom role for this license',
  })
  @ApiResponse({
    status: 201,
    description: 'Role created successfully',
  })
  @ApiResponse({
    status: 409,
    description: 'Role name already exists',
  })
  async createRole(
    @CurrentTenant() licenseId: string,
    @Body() dto: CreateRoleDto,
  ) {
    return await this.teamService.createRole(licenseId, dto);
  }

  @Put('roles/:id')
  @RequirePermission('team.manage')
  @ApiOperation({
    summary: 'Update a role',
    description: 'Update role permissions and details',
  })
  @ApiResponse({
    status: 200,
    description: 'Role updated successfully',
  })
  @ApiResponse({
    status: 400,
    description: 'Cannot modify system roles',
  })
  @ApiResponse({
    status: 404,
    description: 'Role not found',
  })
  async updateRole(
    @CurrentTenant() licenseId: string,
    @Param('id') roleId: string,
    @Body() dto: UpdateRoleDto,
  ) {
    return await this.teamService.updateRole(licenseId, roleId, dto);
  }

  @Delete('roles/:id')
  @RequirePermission('team.manage')
  @ApiOperation({
    summary: 'Delete a role',
    description: 'Delete a custom role (cannot delete system roles or roles in use)',
  })
  @ApiResponse({
    status: 200,
    description: 'Role deleted successfully',
  })
  @ApiResponse({
    status: 400,
    description: 'Cannot delete system roles or roles in use',
  })
  @ApiResponse({
    status: 404,
    description: 'Role not found',
  })
  async deleteRole(
    @CurrentTenant() licenseId: string,
    @Param('id') roleId: string,
  ) {
    return await this.teamService.deleteRole(licenseId, roleId);
  }
}