Changed authorization for get requests

Author: folathecoder

Controllers/NftLikeController.cs

@@ -10,19 +10,19 @@ namespace MARKETPLACEAPI.Controllers;
 [ApiController]
 [Produces("application/json")]
 [Consumes("application/json")]
-[Authorize]
 [Route("api/nftlikes/[controller]")]
 public class NftLikeController : ControllerBase
 {
     private readonly INftLikeService _nftLikeService;
     private readonly INftService _nftService;
     private readonly IMapper _mapper;
 
-    public NftLikeController(INftLikeService nftLikeService, INftService nftService, IMapper mapper)  {
-    _nftLikeService = nftLikeService;
-    _nftService = nftService;
-    _mapper = mapper;
-  }
+    public NftLikeController(INftLikeService nftLikeService, INftService nftService, IMapper mapper)
+    {
+        _nftLikeService = nftLikeService;
+        _nftService = nftService;
+        _mapper = mapper;
+    }
 
     [HttpGet]
     [ProducesResponseType(typeof(IList<NftLike>), 200)]
@@ -44,6 +44,7 @@ public async Task<IActionResult> Get(string id)
     }
 
     [HttpPost]
+    [Authorize]
     [ProducesResponseType(StatusCodes.Status201Created)]
     [ProducesResponseType(StatusCodes.Status400BadRequest)]
     [ProducesResponseType(StatusCodes.Status404NotFound)]
@@ -61,7 +62,7 @@ public async Task<IActionResult> Post(NftLikeCreateDto newNftLike)
 
         if (nftLike != null)
         {
-            return BadRequest("You already liked this NFT");
+            return Ok(nftLike);
         }
 
         var newLike = _mapper.Map<NftLike>(newNftLike);
@@ -76,6 +77,7 @@ public async Task<IActionResult> Post(NftLikeCreateDto newNftLike)
     }
 
     [HttpPatch("{id:length(24)}")]
+    [Authorize]
     public async Task<IActionResult> Update(string id, NftLike updatedNftLike)
     {
         var nftLike = await _nftLikeService.GetAsync(id);
@@ -93,19 +95,20 @@ public async Task<IActionResult> Update(string id, NftLike updatedNftLike)
     }
 
     [HttpDelete("{id:length(24)}")]
+    [Authorize]
     public async Task<IActionResult> Delete(string id)
-    {   
+    {
         var userId = HttpContext.Request.Headers["userId"].ToString();
         var nftLike = await _nftLikeService.GetAsync(id);
 
         if (nftLike is null)
         {
-            return NotFound();
+            return NoContent();
         }
 
         if (nftLike.userId != userId)
         {
-            return BadRequest("You can only delete your own likes");
+            return NoContent();
         }
 
         var nft = await _nftService.GetAsync(nftLike.nftId!);
@@ -138,7 +141,7 @@ public async Task<IActionResult> GetNftLikeByNftId([FromQuery] string nftId)
     public async Task<IActionResult> GetNftLikesByUserId([FromQuery] string userId) =>
         Ok(await _nftLikeService.GetNftLikesByUserId(userId));
 
-    
+
     [HttpGet("get-by-user-id-and-nft-id")]
     [ProducesResponseType(typeof(NftLike), 200)]
     public async Task<IActionResult> GetNftLikeByUserIdAndNftId([FromQuery] string userId, [FromQuery] string nftId)

Controllers/ProjectDetailController.cs

@@ -10,18 +10,18 @@ namespace MARKETPLACEAPI.Controllers;
 [ApiController]
 [Produces("application/json")]
 [Consumes("application/json")]
-[Authorize]
 [Route("api/project-details/[controller]")]
 public class ProjectDetailController : ControllerBase
 {
     private readonly IProjectDetailService _projectDetailService;
     private readonly IMapper _mapper;
 
-    public ProjectDetailController(IProjectDetailService projectDetailService, IMapper mapper) {
+    public ProjectDetailController(IProjectDetailService projectDetailService, IMapper mapper)
+    {
         _projectDetailService = projectDetailService;
         _mapper = mapper;
     }
-        
+
 
     [HttpGet]
     [ProducesResponseType(typeof(IList<ProjectDetail>), 200)]
@@ -43,23 +43,25 @@ public async Task<IActionResult> Get(string id)
     }
 
     [HttpPost]
+    [Authorize]
     public async Task<IActionResult> Post(ProjectDetailCreateDto newProjectDetail)
     {
         var existingProjectDetail = await _projectDetailService.GetProjectDetailsByProjectId(newProjectDetail.projectId!);
 
-        // if (existingProjectDetail is not null)
-        // {
-        //     return Conflict("Project Details already exists for this project.");
-        // }
+        if (existingProjectDetail is not null)
+        {
+            return Conflict("Project Details already exists for this project.");
+        }
 
-    var projectDetail = _mapper.Map<ProjectDetail>(newProjectDetail);
+        var projectDetail = _mapper.Map<ProjectDetail>(newProjectDetail);
 
-    await _projectDetailService.CreateAsync(projectDetail);
+        await _projectDetailService.CreateAsync(projectDetail);
 
         return CreatedAtAction(nameof(Get), new { id = projectDetail.projectDetailId }, projectDetail);
     }
-    
+
     [HttpPatch("{id:length(24)}")]
+    [Authorize]
     public async Task<IActionResult> Update(string id, ProjectDetailCreateDto updatedProjectDetail)
     {
         var projectDetail = await _projectDetailService.GetAsync(id);
@@ -77,6 +79,7 @@ public async Task<IActionResult> Update(string id, ProjectDetailCreateDto update
     }
 
     [HttpDelete("{id:length(24)}")]
+    [Authorize]
     public async Task<IActionResult> Delete(string id)
     {
         var projectDetail = await _projectDetailService.GetAsync(id);

Controllers/ProjectLikeController.cs

@@ -10,20 +10,20 @@ namespace MARKETPLACEAPI.Controllers;
 [ApiController]
 [Produces("application/json")]
 [Consumes("application/json")]
-[Authorize]
 [Route("api/project-likes/[controller]")]
 public class ProjectLikeController : ControllerBase
 {
-  private readonly IProjectLikeService _projectLikeService;
-  private readonly IProjectService _projectService;
-  private readonly IMapper _mapper;
-
-  public ProjectLikeController(IProjectLikeService projectLikeService, IProjectService projectService, IMapper mapper) {
-    _projectLikeService = projectLikeService;
-    _projectService = projectService;
-    _mapper = mapper;
+    private readonly IProjectLikeService _projectLikeService;
+    private readonly IProjectService _projectService;
+    private readonly IMapper _mapper;
+
+    public ProjectLikeController(IProjectLikeService projectLikeService, IProjectService projectService, IMapper mapper)
+    {
+        _projectLikeService = projectLikeService;
+        _projectService = projectService;
+        _mapper = mapper;
     }
-     
+
 
     [HttpGet]
     [ProducesResponseType(typeof(IList<ProjectLike>), 200)]
@@ -34,84 +34,94 @@ public async Task<IActionResult> Get() =>
     [ProducesResponseType(typeof(ProjectLike), 200)]
     public async Task<IActionResult> Get(string id)
     {
-    var projectLike = await _projectLikeService.GetAsync(id);
+        var projectLike = await _projectLikeService.GetAsync(id);
 
-    if (projectLike is null)
-    {
-        return NotFound();
-    }
+        if (projectLike is null)
+        {
+            return NotFound();
+        }
 
-    return Ok(projectLike);
+        return Ok(projectLike);
     }
 
     [HttpPost]
+    [Authorize]
     public async Task<IActionResult> Post(ProjectLikeCreateDto newProjectLike)
     {
-    var userId = HttpContext.Request.Headers["userId"].ToString();
-    var existingProjectLike = await _projectLikeService.GetProjectLikeByUserIdAndProjectId(
-        userId, newProjectLike.projectId);
+        var userId = HttpContext.Request.Headers["userId"].ToString();
+        var existingProjectLike = await _projectLikeService.GetProjectLikeByUserIdAndProjectId(
+            userId, newProjectLike.projectId);
 
-    if (existingProjectLike is not null) {
-        return Conflict("Project Like already exists for this user and project.");
-    }
+        if (existingProjectLike is not null)
+        {
+            return Ok(existingProjectLike);
+        }
 
-    var projectLike = _mapper.Map<ProjectLike>(newProjectLike);
-    projectLike.userId = userId;
-    var project = await _projectService.GetAsync(projectLike.projectId);
+        var projectLike = _mapper.Map<ProjectLike>(newProjectLike);
+        projectLike.userId = userId;
+        var project = await _projectService.GetAsync(projectLike.projectId);
 
-    if (project is null)
-    {
-        return NotFound();
-    }
-    await _projectLikeService.CreateAsync(projectLike);
-    
+        if (project is null)
+        {
+            return NotFound();
+        }
+        await _projectLikeService.CreateAsync(projectLike);
 
-    project.noOfLikes += 1;
-    await _projectService.UpdateAsync(projectLike.projectId, project);
 
-    return CreatedAtAction(nameof(Get), new { id = projectLike.projectLikeId }, projectLike);
+        project.noOfLikes += 1;
+        await _projectService.UpdateAsync(projectLike.projectId, project);
+
+        return CreatedAtAction(nameof(Get), new { id = projectLike.projectLikeId }, projectLike);
     }
 
     [HttpPatch("{id:length(24)}")]
+    [Authorize]
     public async Task<IActionResult> Update(string id, ProjectLike updatedProjectLike)
     {
-    var projectLike = await _projectLikeService.GetAsync(id);
+        var projectLike = await _projectLikeService.GetAsync(id);
 
-    if (projectLike is null)
-    {
-        return NotFound();
-    }
+        if (projectLike is null)
+        {
+            return NotFound();
+        }
 
-    updatedProjectLike.projectLikeId = projectLike.projectLikeId;
+        updatedProjectLike.projectLikeId = projectLike.projectLikeId;
 
-    await _projectLikeService.UpdateAsync(id, updatedProjectLike);
+        await _projectLikeService.UpdateAsync(id, updatedProjectLike);
 
-    return NoContent();
+        return NoContent();
     }
 
     [HttpDelete("{id:length(24)}")]
+    [Authorize]
     public async Task<IActionResult> Delete(string id)
     {
-    var projectLike = await _projectLikeService.GetAsync(id);
-    if (projectLike is null)
-    {
-        return NotFound();
-    }
-    var project = await _projectService.GetAsync(projectLike.projectId!);
+        var projectLike = await _projectLikeService.GetAsync(id);
+        var userId = HttpContext.Request.Headers["userId"].ToString();
+        if (projectLike is null)
+        {
+            return NoContent();
+        }
 
-    if (project is null)
-    {
-        return NotFound("Project not found.");
-    }
+        if (projectLike.userId != userId)
+        {
+            return NoContent();
+        }
+        var project = await _projectService.GetAsync(projectLike.projectId!);
 
-    project.noOfLikes -= 1;
-    await _projectService.UpdateAsync(projectLike.projectId!, project);
+        if (project is null)
+        {
+            return NoContent();
+        }
+
+        project.noOfLikes -= 1;
+        await _projectService.UpdateAsync(projectLike.projectId!, project);
 
 
-    await _projectLikeService.RemoveAsync(id);
+        await _projectLikeService.RemoveAsync(id);
 
 
-    return NoContent();
+        return NoContent();
     }
 
     [HttpGet("get-by-projectid")]
@@ -126,13 +136,14 @@ public async Task<IActionResult> GetByUserId([FromQuery] string userId) =>
 
     [HttpGet("get-by-userid-and-projectid")]
     [ProducesResponseType(typeof(ProjectLike), 200)]
-    public async Task<IActionResult> GetByUserIdAndProjectId([FromQuery] string userId, [FromQuery] string projectId) {
+    public async Task<IActionResult> GetByUserIdAndProjectId([FromQuery] string userId, [FromQuery] string projectId)
+    {
         var projectLike = await _projectLikeService.GetProjectLikeByUserIdAndProjectId(userId, projectId);
         if (projectLike is null)
         {
             return NotFound();
         }
         return Ok(projectLike);
     }
-        
+
 }

Controllers/ProjectUpdateController.cs

@@ -10,14 +10,14 @@ namespace MARKETPLACEAPI.Controllers;
 [ApiController]
 [Produces("application/json")]
 [Consumes("application/json")]
-[Authorize]
 [Route("api/project-updates/[controller]")]
 public class ProjectUpdateController : ControllerBase
 {
     private readonly IProjectUpdateService _projectUpdateService;
     private readonly IMapper _mapper;
 
-    public ProjectUpdateController(IProjectUpdateService projectUpdateService, IMapper mapper) {
+    public ProjectUpdateController(IProjectUpdateService projectUpdateService, IMapper mapper)
+    {
         _projectUpdateService = projectUpdateService;
         _mapper = mapper;
     }
@@ -42,15 +42,17 @@ public async Task<IActionResult> Get(string id)
     }
 
     [HttpPost]
+    [Authorize]
     public async Task<IActionResult> Post(ProjectUpdateCreateDto newProjectUpdate)
     {
         var projectUpdate = _mapper.Map<ProjectUpdate>(newProjectUpdate);
         await _projectUpdateService.CreateAsync(projectUpdate);
 
         return CreatedAtAction(nameof(Get), new { id = projectUpdate.projectUpdateId }, projectUpdate);
     }
-    
+
     [HttpPatch("{id:length(24)}")]
+    [Authorize]
     public async Task<IActionResult> Update(string id, ProjectUpdateCreateDto updatedProjectUpdate)
     {
 
@@ -70,6 +72,7 @@ public async Task<IActionResult> Update(string id, ProjectUpdateCreateDto update
     }
 
     [HttpDelete("{id:length(24)}")]
+    [Authorize]
     public async Task<IActionResult> Delete(string id)
     {
         var projectUpdate = await _projectUpdateService.GetAsync(id);