@onahhas/hello-dev 1.0.0 → 1.0.1

package/backend/Controllers/UsersController.cs

@@ -0,0 +1,181 @@
+using DevTasks.Api.Data;
+using DevTasks.Api.Dtos;
+using DevTasks.Api.Enums;
+using DevTasks.Api.Extensions;
+using DevTasks.Api.Models;
+using DevTasks.Api.Services;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.EntityFrameworkCore;
+
+namespace DevTasks.Api.Controllers;
+
+[ApiController]
+[Route("api/[controller]")]
+[Authorize(Roles = nameof(UserRole.Admin))]
+public sealed class UsersController : ControllerBase
+{
+    private readonly AppDbContext _db;
+    private readonly PasswordHasher _passwordHasher;
+    private readonly ActivityService _activity;
+
+    public UsersController(
+        AppDbContext db,
+        PasswordHasher passwordHasher,
+        ActivityService activity)
+    {
+        _db = db;
+        _passwordHasher = passwordHasher;
+        _activity = activity;
+    }
+
+    [HttpGet]
+    public async Task<ActionResult<IReadOnlyList<UserResponse>>> GetUsers()
+    {
+        var users = await _db.Users
+            .AsNoTracking()
+            .OrderByDescending(x => x.CreatedAt)
+            .ToListAsync();
+
+        return Ok(users.Select(ToResponse).ToList());
+    }
+
+    [HttpPost]
+    public async Task<ActionResult<UserResponse>> CreateUser(CreateUserRequest request)
+    {
+        var validation = ValidateCreate(request);
+        if (validation is not null)
+        {
+            return BadRequest(new { message = validation });
+        }
+
+        var email = request.Email.Trim().ToLowerInvariant();
+        if (await _db.Users.AnyAsync(x => x.Email == email))
+        {
+            return Conflict(new { message = "Email is already used." });
+        }
+
+        var user = new AppUser
+        {
+            FullName = request.FullName.Trim(),
+            Email = email,
+            PasswordHash = _passwordHasher.Hash(request.Password),
+            Role = request.Role,
+            IsActive = request.IsActive,
+            CreatedAt = DateTime.UtcNow
+        };
+
+        _db.Users.Add(user);
+        await _db.SaveChangesAsync();
+        await _activity.AddAsync("User added", "User", user.Id.ToString(), User.GetUserId());
+
+        return CreatedAtAction(nameof(GetUsers), new { id = user.Id }, ToResponse(user));
+    }
+
+    [HttpPut("{id:guid}")]
+    public async Task<ActionResult<UserResponse>> UpdateUser(Guid id, UpdateUserRequest request)
+    {
+        var user = await _db.Users.FindAsync(id);
+        if (user is null)
+        {
+            return NotFound(new { message = "User was not found." });
+        }
+
+        if (!string.IsNullOrWhiteSpace(request.Email))
+        {
+            var email = request.Email.Trim().ToLowerInvariant();
+            var used = await _db.Users.AnyAsync(x => x.Id != id && x.Email == email);
+            if (used)
+            {
+                return Conflict(new { message = "Email is already used." });
+            }
+
+            user.Email = email;
+        }
+
+        if (!string.IsNullOrWhiteSpace(request.FullName))
+        {
+            user.FullName = request.FullName.Trim();
+        }
+
+        if (!string.IsNullOrWhiteSpace(request.Password))
+        {
+            if (request.Password.Length < 6)
+            {
+                return BadRequest(new { message = "Password must be at least 6 characters." });
+            }
+
+            user.PasswordHash = _passwordHasher.Hash(request.Password);
+        }
+
+        if (request.Role.HasValue)
+        {
+            user.Role = request.Role.Value;
+        }
+
+        if (request.IsActive.HasValue)
+        {
+            user.IsActive = request.IsActive.Value;
+        }
+
+        await _db.SaveChangesAsync();
+        await _activity.AddAsync("User edited", "User", user.Id.ToString(), User.GetUserId());
+
+        return Ok(ToResponse(user));
+    }
+
+    [HttpDelete("{id:guid}")]
+    public async Task<IActionResult> DeleteUser(Guid id)
+    {
+        var currentUserId = User.GetUserId();
+        if (id == currentUserId)
+        {
+            return BadRequest(new { message = "You cannot deactivate your own user." });
+        }
+
+        var user = await _db.Users.FindAsync(id);
+        if (user is null)
+        {
+            return NotFound(new { message = "User was not found." });
+        }
+
+        user.IsActive = false;
+        await _db.SaveChangesAsync();
+        await _activity.AddAsync("User deactivated", "User", user.Id.ToString(), currentUserId);
+
+        return NoContent();
+    }
+
+    private static UserResponse ToResponse(AppUser user)
+    {
+        return new UserResponse
+        {
+            Id = user.Id,
+            FullName = user.FullName,
+            Email = user.Email,
+            Role = user.Role,
+            IsActive = user.IsActive,
+            CreatedAt = user.CreatedAt
+        };
+    }
+
+    private static string? ValidateCreate(CreateUserRequest request)
+    {
+        if (string.IsNullOrWhiteSpace(request.FullName))
+        {
+            return "Full name is required.";
+        }
+
+        if (string.IsNullOrWhiteSpace(request.Email) || !request.Email.Contains('@'))
+        {
+            return "Valid email is required.";
+        }
+
+        if (string.IsNullOrWhiteSpace(request.Password) || request.Password.Length < 6)
+        {
+            return "Password must be at least 6 characters.";
+        }
+
+        return null;
+    }
+}

package/backend/Data/AppDbContext.cs

@@ -0,0 +1,93 @@
+using DevTasks.Api.Enums;
+using DevTasks.Api.Models;
+using Microsoft.EntityFrameworkCore;
+
+namespace DevTasks.Api.Data;
+
+public sealed class AppDbContext : DbContext
+{
+    public AppDbContext(DbContextOptions<AppDbContext> options) : base(options)
+    {
+    }
+
+    public DbSet<AppUser> Users => Set<AppUser>();
+    public DbSet<TaskItem> TaskItems => Set<TaskItem>();
+    public DbSet<TaskEditRequest> TaskEditRequests => Set<TaskEditRequest>();
+    public DbSet<ActivityLog> ActivityLogs => Set<ActivityLog>();
+
+    protected override void OnModelCreating(ModelBuilder modelBuilder)
+    {
+        base.OnModelCreating(modelBuilder);
+
+        modelBuilder.Entity<AppUser>(entity =>
+        {
+            entity.HasKey(x => x.Id);
+            entity.Property(x => x.FullName).HasMaxLength(120).IsRequired();
+            entity.Property(x => x.Email).HasMaxLength(180).IsRequired();
+            entity.HasIndex(x => x.Email).IsUnique();
+            entity.Property(x => x.PasswordHash).IsRequired();
+            entity.Property(x => x.Role).HasConversion<string>().HasMaxLength(20);
+        });
+
+        modelBuilder.Entity<TaskItem>(entity =>
+        {
+            entity.HasKey(x => x.Id);
+            entity.Property(x => x.Id).ValueGeneratedOnAdd();
+            entity.Property(x => x.Title).HasMaxLength(160).IsRequired();
+            entity.Property(x => x.Description).HasMaxLength(4000);
+            entity.Property(x => x.Status).HasConversion<string>().HasMaxLength(30);
+            entity.Property(x => x.Priority).HasConversion<string>().HasMaxLength(20);
+            entity.Property(x => x.Visibility).HasConversion<string>().HasMaxLength(20);
+
+            entity.HasOne(x => x.CreatedByUser)
+                .WithMany(x => x.CreatedTasks)
+                .HasForeignKey(x => x.CreatedByUserId)
+                .OnDelete(DeleteBehavior.Restrict);
+
+            entity.HasOne(x => x.AssignedToUser)
+                .WithMany(x => x.AssignedTasks)
+                .HasForeignKey(x => x.AssignedToUserId)
+                .OnDelete(DeleteBehavior.SetNull);
+        });
+
+        modelBuilder.Entity<TaskEditRequest>(entity =>
+        {
+            entity.HasKey(x => x.Id);
+            entity.Property(x => x.Title).HasMaxLength(160);
+            entity.Property(x => x.Description).HasMaxLength(4000);
+            entity.Property(x => x.Status).HasConversion<string>().HasMaxLength(30);
+            entity.Property(x => x.Priority).HasConversion<string>().HasMaxLength(20);
+            entity.Property(x => x.Visibility).HasConversion<string>().HasMaxLength(20);
+            entity.Property(x => x.StatusOfRequest).HasConversion<string>().HasMaxLength(20);
+            entity.Property(x => x.OwnerNote).HasMaxLength(800);
+
+            entity.HasOne(x => x.TaskItem)
+                .WithMany(x => x.EditRequests)
+                .HasForeignKey(x => x.TaskItemId)
+                .OnDelete(DeleteBehavior.Cascade);
+
+            entity.HasOne(x => x.RequestedByUser)
+                .WithMany()
+                .HasForeignKey(x => x.RequestedByUserId)
+                .OnDelete(DeleteBehavior.Restrict);
+
+            entity.HasOne(x => x.AssignedToUser)
+                .WithMany()
+                .HasForeignKey(x => x.AssignedToUserId)
+                .OnDelete(DeleteBehavior.SetNull);
+        });
+
+        modelBuilder.Entity<ActivityLog>(entity =>
+        {
+            entity.HasKey(x => x.Id);
+            entity.Property(x => x.Action).HasMaxLength(250).IsRequired();
+            entity.Property(x => x.EntityName).HasMaxLength(80).IsRequired();
+            entity.Property(x => x.EntityId).HasMaxLength(80).IsRequired();
+
+            entity.HasOne(x => x.User)
+                .WithMany()
+                .HasForeignKey(x => x.UserId)
+                .OnDelete(DeleteBehavior.Restrict);
+        });
+    }
+}

package/backend/Data/DbSeeder.cs

@@ -0,0 +1,122 @@
+using DevTasks.Api.Enums;
+using DevTasks.Api.Models;
+using DevTasks.Api.Services;
+using Microsoft.EntityFrameworkCore;
+
+namespace DevTasks.Api.Data;
+
+public static class DbSeeder
+{
+    public static async Task SeedAsync(AppDbContext db, PasswordHasher hasher)
+    {
+        if (await db.Users.AnyAsync())
+        {
+            return;
+        }
+
+        var admin = new AppUser
+        {
+            Id = Guid.Parse("aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa"),
+            FullName = "System Admin",
+            Email = "admin@devtasks.local",
+            PasswordHash = hasher.Hash("Admin123!"),
+            Role = UserRole.Admin,
+            IsActive = true,
+            CreatedAt = DateTime.UtcNow
+        };
+
+        var programmer = new AppUser
+        {
+            Id = Guid.Parse("bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb"),
+            FullName = "Demo Programmer",
+            Email = "programmer@devtasks.local",
+            PasswordHash = hasher.Hash("User123!"),
+            Role = UserRole.User,
+            IsActive = true,
+            CreatedAt = DateTime.UtcNow
+        };
+
+        db.Users.AddRange(admin, programmer);
+
+        var now = DateTime.UtcNow;
+        var tasks = new List<TaskItem>
+        {
+            new()
+            {
+                Title = "Build login screen",
+                Description = "Create the minimal auth page and connect it with JWT login.",
+                Status = TaskState.Done,
+                Priority = TaskPriority.High,
+                Visibility = TaskVisibility.Public,
+                CreatedByUserId = admin.Id,
+                AssignedToUserId = programmer.Id,
+                DueDate = now.AddDays(-1),
+                CreatedAt = now.AddDays(-6),
+                UpdatedAt = now.AddDays(-2)
+            },
+            new()
+            {
+                Title = "Create task board",
+                Description = "Add drag and drop between Todo, In Progress, Done, and Cancelled.",
+                Status = TaskState.InProgress,
+                Priority = TaskPriority.High,
+                Visibility = TaskVisibility.Public,
+                CreatedByUserId = programmer.Id,
+                AssignedToUserId = programmer.Id,
+                DueDate = now.AddDays(3),
+                CreatedAt = now.AddDays(-4),
+                UpdatedAt = now.AddDays(-1)
+            },
+            new()
+            {
+                Title = "Write API validation notes",
+                Description = "Document required fields and possible validation errors.",
+                Status = TaskState.Todo,
+                Priority = TaskPriority.Medium,
+                Visibility = TaskVisibility.Private,
+                CreatedByUserId = programmer.Id,
+                AssignedToUserId = programmer.Id,
+                DueDate = now.AddDays(5),
+                CreatedAt = now.AddDays(-2),
+                UpdatedAt = now.AddDays(-2)
+            },
+            new()
+            {
+                Title = "Clean activity log UI",
+                Description = "Make the activity page readable and useful for admins.",
+                Status = TaskState.Todo,
+                Priority = TaskPriority.Low,
+                Visibility = TaskVisibility.Public,
+                CreatedByUserId = admin.Id,
+                AssignedToUserId = admin.Id,
+                DueDate = now.AddDays(8),
+                CreatedAt = now.AddDays(-1),
+                UpdatedAt = now.AddDays(-1)
+            }
+        };
+
+        db.TaskItems.AddRange(tasks);
+        await db.SaveChangesAsync();
+
+        db.ActivityLogs.AddRange(
+            new ActivityLog
+            {
+                Action = "Seeded the first admin user",
+                EntityName = "User",
+                EntityId = admin.Id.ToString(),
+                UserId = admin.Id,
+                CreatedAt = now.AddDays(-7)
+            },
+            new ActivityLog
+            {
+                Action = "Seeded demo tasks",
+                EntityName = "Task",
+                EntityId = tasks[0].Id.ToString(),
+                UserId = admin.Id,
+                CreatedAt = now.AddDays(-6)
+            }
+        );
+
+        await db.SaveChangesAsync();
+    }
+}

package/backend/DevTasks.Api.csproj

@@ -0,0 +1,13 @@
+<Project Sdk="Microsoft.NET.Sdk.Web">
+  <PropertyGroup>
+    <TargetFramework>net8.0</TargetFramework>
+    <Nullable>enable</Nullable>
+    <ImplicitUsings>enable</ImplicitUsings>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.*" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Sqlite" Version="8.*" />
+    <PackageReference Include="Npgsql.EntityFrameworkCore.PostgreSQL" Version="8.*" />
+  </ItemGroup>
+</Project>

package/backend/Dtos/ActivityDtos.cs

@@ -0,0 +1,12 @@
+namespace DevTasks.Api.Dtos;
+
+public sealed class ActivityLogResponse
+{
+    public Guid Id { get; set; }
+    public string Action { get; set; } = string.Empty;
+    public string EntityName { get; set; } = string.Empty;
+    public string EntityId { get; set; } = string.Empty;
+    public Guid UserId { get; set; }
+    public string UserFullName { get; set; } = string.Empty;
+    public DateTime CreatedAt { get; set; }
+}

package/backend/Dtos/AuthDtos.cs

@@ -0,0 +1,37 @@
+using DevTasks.Api.Enums;
+
+namespace DevTasks.Api.Dtos;
+
+public sealed class RegisterRequest
+{
+    public string FullName { get; set; } = string.Empty;
+    public string Email { get; set; } = string.Empty;
+    public string Password { get; set; } = string.Empty;
+}
+
+public sealed class RegisterResponse
+{
+    public string Message { get; set; } = string.Empty;
+}
+
+public sealed class LoginRequest
+{
+    public string Email { get; set; } = string.Empty;
+    public string Password { get; set; } = string.Empty;
+}
+
+public sealed class AuthResponse
+{
+    public string Token { get; set; } = string.Empty;
+    public UserResponse User { get; set; } = new();
+}
+
+public sealed class UserResponse
+{
+    public Guid Id { get; set; }
+    public string FullName { get; set; } = string.Empty;
+    public string Email { get; set; } = string.Empty;
+    public UserRole Role { get; set; }
+    public bool IsActive { get; set; }
+    public DateTime CreatedAt { get; set; }
+}

package/backend/Dtos/TaskDtos.cs

@@ -0,0 +1,104 @@
+using DevTasks.Api.Enums;
+
+namespace DevTasks.Api.Dtos;
+
+public sealed class TaskResponse
+{
+    public int Id { get; set; }
+    public string Title { get; set; } = string.Empty;
+    public string Description { get; set; } = string.Empty;
+    public TaskState Status { get; set; }
+    public TaskPriority Priority { get; set; }
+    public TaskVisibility Visibility { get; set; }
+    public DateTime? DueDate { get; set; }
+    public Guid CreatedByUserId { get; set; }
+    public string CreatedByFullName { get; set; } = string.Empty;
+    public Guid? AssignedToUserId { get; set; }
+    public string? AssignedToFullName { get; set; }
+    public DateTime CreatedAt { get; set; }
+    public DateTime UpdatedAt { get; set; }
+    public bool IsOverdue { get; set; }
+    public int PendingEditRequestCount { get; set; }
+}
+
+public sealed class CreateTaskRequest
+{
+    public string Title { get; set; } = string.Empty;
+    public string Description { get; set; } = string.Empty;
+    public TaskState Status { get; set; } = TaskState.Todo;
+    public TaskPriority Priority { get; set; } = TaskPriority.Medium;
+    public TaskVisibility Visibility { get; set; } = TaskVisibility.Private;
+    public DateTime? DueDate { get; set; }
+    public Guid? AssignedToUserId { get; set; }
+}
+
+public sealed class UpdateTaskRequest
+{
+    public string? Title { get; set; }
+    public string? Description { get; set; }
+    public TaskState? Status { get; set; }
+    public TaskPriority? Priority { get; set; }
+    public TaskVisibility? Visibility { get; set; }
+    public DateTime? DueDate { get; set; }
+    public bool ClearDueDate { get; set; }
+    public Guid? AssignedToUserId { get; set; }
+    public bool ClearAssignedUser { get; set; }
+}
+
+public sealed class UpdateTaskStatusRequest
+{
+    public TaskState Status { get; set; }
+}
+
+public sealed class TaskQuery
+{
+    public string? Q { get; set; }
+    public TaskState? Status { get; set; }
+    public TaskPriority? Priority { get; set; }
+    public TaskVisibility? Visibility { get; set; }
+    public Guid? AssignedToUserId { get; set; }
+    public DateTime? DueFrom { get; set; }
+    public DateTime? DueTo { get; set; }
+}
+
+public sealed class CreateTaskEditRequest
+{
+    public string? Title { get; set; }
+    public string? Description { get; set; }
+    public TaskState? Status { get; set; }
+    public TaskPriority? Priority { get; set; }
+    public TaskVisibility? Visibility { get; set; }
+    public DateTime? DueDate { get; set; }
+    public bool ClearDueDate { get; set; }
+    public Guid? AssignedToUserId { get; set; }
+    public bool ClearAssignedUser { get; set; }
+}
+
+public sealed class ResolveTaskEditRequest
+{
+    public string? OwnerNote { get; set; }
+}
+
+public sealed class TaskEditRequestResponse
+{
+    public Guid Id { get; set; }
+    public int TaskId { get; set; }
+    public string TaskTitle { get; set; } = string.Empty;
+    public Guid RequestedByUserId { get; set; }
+    public string RequestedByFullName { get; set; } = string.Empty;
+    public string RequestedByEmail { get; set; } = string.Empty;
+    public string? Title { get; set; }
+    public string? Description { get; set; }
+    public TaskState? Status { get; set; }
+    public TaskPriority? Priority { get; set; }
+    public TaskVisibility? Visibility { get; set; }
+    public DateTime? DueDate { get; set; }
+    public bool ClearDueDate { get; set; }
+    public Guid? AssignedToUserId { get; set; }
+    public string? AssignedToFullName { get; set; }
+    public bool ClearAssignedUser { get; set; }
+    public EditRequestStatus StatusOfRequest { get; set; }
+    public string? OwnerNote { get; set; }
+    public DateTime CreatedAt { get; set; }
+    public DateTime? ResolvedAt { get; set; }
+}

package/backend/Dtos/UserDtos.cs

@@ -0,0 +1,29 @@
+using DevTasks.Api.Enums;
+
+namespace DevTasks.Api.Dtos;
+
+public sealed class CreateUserRequest
+{
+    public string FullName { get; set; } = string.Empty;
+    public string Email { get; set; } = string.Empty;
+    public string Password { get; set; } = string.Empty;
+    public UserRole Role { get; set; } = UserRole.User;
+    public bool IsActive { get; set; } = true;
+}
+
+public sealed class UpdateUserRequest
+{
+    public string? FullName { get; set; }
+    public string? Email { get; set; }
+    public string? Password { get; set; }
+    public UserRole? Role { get; set; }
+    public bool? IsActive { get; set; }
+}
+
+public sealed class UpdateProfileRequest
+{
+    public string? FullName { get; set; }
+    public string? Email { get; set; }
+    public string? CurrentPassword { get; set; }
+    public string? NewPassword { get; set; }
+}

package/backend/Enums/EditRequestStatus.cs

@@ -0,0 +1,8 @@
+namespace DevTasks.Api.Enums;
+
+public enum EditRequestStatus
+{
+    Pending = 0,
+    Accepted = 1,
+    Rejected = 2
+}

package/backend/Enums/TaskPriority.cs

@@ -0,0 +1,8 @@
+namespace DevTasks.Api.Enums;
+
+public enum TaskPriority
+{
+    Low = 0,
+    Medium = 1,
+    High = 2
+}

package/backend/Enums/TaskState.cs

@@ -0,0 +1,9 @@
+namespace DevTasks.Api.Enums;
+
+public enum TaskState
+{
+    Todo = 0,
+    InProgress = 1,
+    Done = 2,
+    Cancelled = 3
+}

package/backend/Enums/TaskVisibility.cs

@@ -0,0 +1,7 @@
+namespace DevTasks.Api.Enums;
+
+public enum TaskVisibility
+{
+    Private = 0,
+    Public = 1
+}

package/backend/Enums/UserRole.cs

@@ -0,0 +1,7 @@
+namespace DevTasks.Api.Enums;
+
+public enum UserRole
+{
+    User = 0,
+    Admin = 1
+}

package/backend/Extensions/ClaimsPrincipalExtensions.cs

@@ -0,0 +1,23 @@
+using System.Security.Claims;
+using DevTasks.Api.Enums;
+
+namespace DevTasks.Api.Extensions;
+
+public static class ClaimsPrincipalExtensions
+{
+    public static Guid GetUserId(this ClaimsPrincipal user)
+    {
+        var value = user.FindFirstValue(ClaimTypes.NameIdentifier);
+        if (string.IsNullOrWhiteSpace(value))
+        {
+            throw new UnauthorizedAccessException("Missing user id claim.");
+        }
+
+        return Guid.Parse(value);
+    }
+
+    public static bool IsAdmin(this ClaimsPrincipal user)
+    {
+        return user.IsInRole(UserRole.Admin.ToString());
+    }
+}

package/backend/Models/ActivityLog.cs

@@ -0,0 +1,12 @@
+namespace DevTasks.Api.Models;
+
+public sealed class ActivityLog
+{
+    public Guid Id { get; set; } = Guid.NewGuid();
+    public string Action { get; set; } = string.Empty;
+    public string EntityName { get; set; } = string.Empty;
+    public string EntityId { get; set; } = string.Empty;
+    public Guid UserId { get; set; }
+    public AppUser? User { get; set; }
+    public DateTime CreatedAt { get; set; } = DateTime.UtcNow;
+}