SysAdmin
a2247d7c02
Some checks failed
Build and Deploy LittleShop / Build TeleBot Docker Image (push) Failing after 11s
Build and Deploy LittleShop / Build LittleShop Docker Image (push) Failing after 15s
Build and Deploy LittleShop / Deploy to Production VPS (Manual Only) (push) Has been skipped
Build and Deploy LittleShop / Deploy to Pre-Production (CT109) (push) Has been skipped
Major Feature Additions: - Customer management: Full CRUD with data export and privacy compliance - Payment management: Centralized payment tracking and administration - Push notification subscriptions: Manage and track web push subscriptions Security Enhancements: - IP whitelist middleware for administrative endpoints - Data retention service with configurable policies - Enhanced push notification security documentation - Security fixes progress tracking (2025-11-14) UI/UX Improvements: - Enhanced navigation with improved mobile responsiveness - Updated admin dashboard with order status counts - Improved product CRUD forms - New customer and payment management interfaces Backend Improvements: - Extended customer service with data export capabilities - Enhanced order service with status count queries - Improved crypto payment service with better error handling - Updated validators and configuration Documentation: - DEPLOYMENT_NGINX_GUIDE.md: Nginx deployment instructions - IP_STORAGE_ANALYSIS.md: IP storage security analysis - PUSH_NOTIFICATION_SECURITY.md: Push notification security guide - UI_UX_IMPROVEMENT_PLAN.md: Planned UI/UX enhancements - UI_UX_IMPROVEMENTS_COMPLETED.md: Completed improvements Cleanup: - Removed temporary database WAL files - Removed stale commit message file 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
187 lines
5.8 KiB
C#
187 lines
5.8 KiB
C#
using Microsoft.AspNetCore.Authorization;
|
|
using Microsoft.AspNetCore.Mvc;
|
|
using LittleShop.Services;
|
|
using LittleShop.DTOs;
|
|
using System.Security.Claims;
|
|
|
|
namespace LittleShop.Areas.Admin.Controllers;
|
|
|
|
[Area("Admin")]
|
|
[Authorize(AuthenticationSchemes = "Cookies", Roles = "Admin")]
|
|
public class ReviewsController : Controller
|
|
{
|
|
private readonly IReviewService _reviewService;
|
|
private readonly ILogger<ReviewsController> _logger;
|
|
|
|
public ReviewsController(IReviewService reviewService, ILogger<ReviewsController> logger)
|
|
{
|
|
_reviewService = reviewService;
|
|
_logger = logger;
|
|
}
|
|
|
|
public async Task<IActionResult> Index()
|
|
{
|
|
try
|
|
{
|
|
var pendingReviews = await _reviewService.GetPendingReviewsAsync();
|
|
return View(pendingReviews);
|
|
}
|
|
catch (Exception ex)
|
|
{
|
|
_logger.LogError(ex, "Error loading reviews index");
|
|
TempData["ErrorMessage"] = "Error loading reviews";
|
|
return View(new List<ReviewDto>());
|
|
}
|
|
}
|
|
|
|
public async Task<IActionResult> Details(Guid id)
|
|
{
|
|
try
|
|
{
|
|
var review = await _reviewService.GetReviewByIdAsync(id);
|
|
if (review == null)
|
|
{
|
|
TempData["ErrorMessage"] = "Review not found";
|
|
return RedirectToAction(nameof(Index));
|
|
}
|
|
return View(review);
|
|
}
|
|
catch (Exception ex)
|
|
{
|
|
_logger.LogError(ex, "Error loading review {ReviewId}", id);
|
|
TempData["ErrorMessage"] = "Error loading review details";
|
|
return RedirectToAction(nameof(Index));
|
|
}
|
|
}
|
|
|
|
[HttpPost]
|
|
[ValidateAntiForgeryToken]
|
|
public async Task<IActionResult> Approve(Guid id)
|
|
{
|
|
try
|
|
{
|
|
var userIdClaim = User.FindFirst(ClaimTypes.NameIdentifier)?.Value;
|
|
if (!Guid.TryParse(userIdClaim, out var userId))
|
|
{
|
|
TempData["ErrorMessage"] = "Authentication error";
|
|
return RedirectToAction(nameof(Index));
|
|
}
|
|
|
|
var success = await _reviewService.ApproveReviewAsync(id, userId);
|
|
if (success)
|
|
{
|
|
TempData["SuccessMessage"] = "Review approved successfully";
|
|
}
|
|
else
|
|
{
|
|
TempData["ErrorMessage"] = "Failed to approve review";
|
|
}
|
|
}
|
|
catch (Exception ex)
|
|
{
|
|
_logger.LogError(ex, "Error approving review {ReviewId}", id);
|
|
TempData["ErrorMessage"] = "Error approving review";
|
|
}
|
|
|
|
return RedirectToAction(nameof(Index));
|
|
}
|
|
|
|
[HttpPost]
|
|
[ValidateAntiForgeryToken]
|
|
public async Task<IActionResult> Delete(Guid id)
|
|
{
|
|
try
|
|
{
|
|
var success = await _reviewService.DeleteReviewAsync(id);
|
|
if (success)
|
|
{
|
|
TempData["SuccessMessage"] = "Review deleted successfully";
|
|
}
|
|
else
|
|
{
|
|
TempData["ErrorMessage"] = "Failed to delete review";
|
|
}
|
|
}
|
|
catch (Exception ex)
|
|
{
|
|
_logger.LogError(ex, "Error deleting review {ReviewId}", id);
|
|
TempData["ErrorMessage"] = "Error deleting review";
|
|
}
|
|
|
|
return RedirectToAction(nameof(Index));
|
|
}
|
|
|
|
public async Task<IActionResult> Edit(Guid id)
|
|
{
|
|
try
|
|
{
|
|
var review = await _reviewService.GetReviewByIdAsync(id);
|
|
if (review == null)
|
|
{
|
|
TempData["ErrorMessage"] = "Review not found";
|
|
return RedirectToAction(nameof(Index));
|
|
}
|
|
|
|
var updateDto = new UpdateReviewDto
|
|
{
|
|
Rating = review.Rating,
|
|
Title = review.Title,
|
|
Comment = review.Comment,
|
|
IsApproved = review.IsApproved,
|
|
IsActive = review.IsActive
|
|
};
|
|
|
|
ViewBag.ReviewId = id;
|
|
ViewBag.ProductName = review.ProductName;
|
|
ViewBag.CustomerName = review.CustomerDisplayName;
|
|
|
|
return View(updateDto);
|
|
}
|
|
catch (Exception ex)
|
|
{
|
|
_logger.LogError(ex, "Error loading review {ReviewId} for edit", id);
|
|
TempData["ErrorMessage"] = "Error loading review for edit";
|
|
return RedirectToAction(nameof(Index));
|
|
}
|
|
}
|
|
|
|
[HttpPost]
|
|
[ValidateAntiForgeryToken]
|
|
public async Task<IActionResult> Edit(Guid id, UpdateReviewDto updateDto)
|
|
{
|
|
if (!ModelState.IsValid)
|
|
{
|
|
var review = await _reviewService.GetReviewByIdAsync(id);
|
|
ViewBag.ReviewId = id;
|
|
ViewBag.ProductName = review?.ProductName ?? "";
|
|
ViewBag.CustomerName = review?.CustomerDisplayName ?? "";
|
|
return View(updateDto);
|
|
}
|
|
|
|
try
|
|
{
|
|
var success = await _reviewService.UpdateReviewAsync(id, updateDto);
|
|
if (success)
|
|
{
|
|
TempData["SuccessMessage"] = "Review updated successfully";
|
|
return RedirectToAction(nameof(Details), new { id });
|
|
}
|
|
else
|
|
{
|
|
TempData["ErrorMessage"] = "Review not found";
|
|
return RedirectToAction(nameof(Index));
|
|
}
|
|
}
|
|
catch (Exception ex)
|
|
{
|
|
_logger.LogError(ex, "Error updating review {ReviewId}", id);
|
|
TempData["ErrorMessage"] = "Error updating review";
|
|
|
|
var reviewDetails = await _reviewService.GetReviewByIdAsync(id);
|
|
ViewBag.ReviewId = id;
|
|
ViewBag.ProductName = reviewDetails?.ProductName ?? "";
|
|
ViewBag.CustomerName = reviewDetails?.CustomerDisplayName ?? "";
|
|
return View(updateDto);
|
|
}
|
|
}
|
|
} |