package se.bilhalsning.controller; import jakarta.validation.Valid; import lombok.RequiredArgsConstructor; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; import org.springframework.security.core.annotation.AuthenticationPrincipal; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PatchMapping; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; import se.bilhalsning.dto.CreateOrderRequest; import se.bilhalsning.dto.OrderResponse; import se.bilhalsning.dto.UpdateOrderRequest; import se.bilhalsning.entity.Order; import se.bilhalsning.entity.User; import se.bilhalsning.exception.InvalidCredentialsException; import se.bilhalsning.service.OrderService; import se.bilhalsning.service.UserService; import java.util.List; import java.util.UUID; @RestController @RequestMapping("/api/orders") @RequiredArgsConstructor public class OrderController { private final OrderService orderService; private final UserService userService; @GetMapping public ResponseEntity> list(@AuthenticationPrincipal UserDetails userDetails) { User user = userService.findByEmail(userDetails.getUsername()) .orElseThrow(InvalidCredentialsException::new); List orders = orderService.getOrdersByUserId(user.getId()).stream() .map(this::toResponse) .toList(); return ResponseEntity.ok(orders); } @GetMapping("/{id}") public ResponseEntity get(@PathVariable UUID id, @AuthenticationPrincipal UserDetails userDetails) { User user = userService.findByEmail(userDetails.getUsername()) .orElseThrow(InvalidCredentialsException::new); Order order = orderService.getOrderById(id); if (!order.getUserId().equals(user.getId())) { return ResponseEntity.notFound().build(); } return ResponseEntity.ok(toResponse(order)); } @PostMapping public ResponseEntity create( @Valid @RequestBody CreateOrderRequest request, @AuthenticationPrincipal UserDetails userDetails) { User user = userService.findByEmail(userDetails.getUsername()) .orElseThrow(InvalidCredentialsException::new); Order order = orderService.createOrder( user.getId(), request.plate(), request.letterText() ); return ResponseEntity.status(HttpStatus.CREATED).body(toResponse(order)); } @PatchMapping("/{id}") public ResponseEntity update( @PathVariable UUID id, @Valid @RequestBody UpdateOrderRequest request, @AuthenticationPrincipal UserDetails userDetails) { User user = userService.findByEmail(userDetails.getUsername()) .orElseThrow(InvalidCredentialsException::new); Order order = orderService.updatePendingOrder(id, user.getId(), request.letterText()); return ResponseEntity.ok(toResponse(order)); } @PostMapping("/{id}/cancel") public ResponseEntity cancel( @PathVariable UUID id, @AuthenticationPrincipal UserDetails userDetails) { User user = userService.findByEmail(userDetails.getUsername()) .orElseThrow(InvalidCredentialsException::new); Order order = orderService.cancelOrder(id, user.getId()); return ResponseEntity.ok(toResponse(order)); } private OrderResponse toResponse(Order order) { return new OrderResponse( order.getId(), order.getPlate(), order.getLetterText(), order.getStatus().getValue(), order.getTrackingId(), order.getAmountPaid(), order.getCreatedAt() ); } }