using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using UniVerse.Application.DTOs.Locations;
using UniVerse.Application.Interfaces;

namespace UniVerse.Api.Controllers;

[ApiController]
[Route("api/v1/locations")]
[Authorize]
public class LocationsController : ControllerBase
{
    private readonly ILocationService _locations;
    public LocationsController(ILocationService locations) => _locations = locations;

    [HttpGet]
    public async Task<ActionResult> GetAll() => Ok(await _locations.GetAllAsync());

    [HttpGet("{id:int}")]
    public async Task<ActionResult<LocationDto>> Get(int id) => Ok(await _locations.GetByIdAsync(id));

    [Authorize(Roles = "Admin")]
    [HttpPost]
    public async Task<ActionResult<LocationDto>> Create([FromBody] CreateLocationRequest req) =>
        CreatedAtAction(nameof(Get), new { id = 0 }, await _locations.CreateAsync(req));

    [Authorize(Roles = "Admin")]
    [HttpPut("{id:int}")]
    public async Task<ActionResult<LocationDto>> Update(int id, [FromBody] UpdateLocationRequest req) =>
        Ok(await _locations.UpdateAsync(id, req));

    [Authorize(Roles = "Admin")]
    [HttpDelete("{id:int}")]
    public async Task<IActionResult> Delete(int id) { await _locations.DeleteAsync(id); return NoContent(); }
}