db880b3480
Implement Task 16: Club + Member API endpoints with MemberSyncService
Services:
- ClubService: GetMyClubsAsync (user's clubs), GetCurrentClubAsync (tenant club)
- MemberService: GetMembersAsync (list), GetMemberByIdAsync, GetCurrentMemberAsync
- MemberSyncService: Auto-creates Member records from JWT on first request
Middleware:
- MemberSyncMiddleware: Runs after auth, calls MemberSyncService
Endpoints:
- GET /api/clubs/me (list user's clubs)
- GET /api/clubs/current (current tenant's club)
- GET /api/members (list members, RLS filtered)
- GET /api/members/{id} (member detail)
- GET /api/members/me (current user's membership)
Tests: 14 integration tests (6 club + 8 member)
- Club filtering by user membership
- Multi-tenant isolation via RLS
- Member auto-sync on first request
- Cross-tenant access blocked
- Role-based authorization
Build: 0 errors, all tests compile
Pattern: TypedResults, RequireAuthorization policies, TDD approach
79 lines
2.3 KiB
C#
79 lines
2.3 KiB
C#
using Microsoft.EntityFrameworkCore;
|
|
using WorkClub.Application.Interfaces;
|
|
using WorkClub.Domain.Entities;
|
|
using WorkClub.Domain.Enums;
|
|
using WorkClub.Infrastructure.Data;
|
|
|
|
namespace WorkClub.Api.Services;
|
|
|
|
public class MemberSyncService
|
|
{
|
|
private readonly AppDbContext _context;
|
|
private readonly ITenantProvider _tenantProvider;
|
|
|
|
public MemberSyncService(AppDbContext context, ITenantProvider tenantProvider)
|
|
{
|
|
_context = context;
|
|
_tenantProvider = tenantProvider;
|
|
}
|
|
|
|
public async Task EnsureMemberExistsAsync(HttpContext httpContext)
|
|
{
|
|
if (httpContext?.User?.Identity?.IsAuthenticated != true)
|
|
{
|
|
return;
|
|
}
|
|
|
|
var externalUserId = httpContext.User.FindFirst("sub")?.Value;
|
|
if (string.IsNullOrEmpty(externalUserId))
|
|
{
|
|
return;
|
|
}
|
|
|
|
var tenantId = _tenantProvider.GetTenantId();
|
|
|
|
var existingMember = await _context.Members
|
|
.FirstOrDefaultAsync(m => m.ExternalUserId == externalUserId && m.TenantId == tenantId);
|
|
|
|
if (existingMember != null)
|
|
{
|
|
return;
|
|
}
|
|
|
|
var email = httpContext.User.FindFirst("email")?.Value ?? httpContext.User.FindFirst("preferred_username")?.Value ?? "unknown@example.com";
|
|
var name = httpContext.User.FindFirst("name")?.Value ?? email.Split('@')[0];
|
|
|
|
var roleClaim = httpContext.User.FindFirst(System.Security.Claims.ClaimTypes.Role)?.Value ?? "Member";
|
|
var clubRole = roleClaim.ToLowerInvariant() switch
|
|
{
|
|
"admin" => ClubRole.Admin,
|
|
"manager" => ClubRole.Manager,
|
|
"member" => ClubRole.Member,
|
|
"viewer" => ClubRole.Viewer,
|
|
_ => ClubRole.Member
|
|
};
|
|
|
|
var club = await _context.Clubs.FirstOrDefaultAsync(c => c.TenantId == tenantId);
|
|
if (club == null)
|
|
{
|
|
return;
|
|
}
|
|
|
|
var newMember = new Member
|
|
{
|
|
Id = Guid.NewGuid(),
|
|
TenantId = tenantId,
|
|
ExternalUserId = externalUserId,
|
|
DisplayName = name,
|
|
Email = email,
|
|
Role = clubRole,
|
|
ClubId = club.Id,
|
|
CreatedAt = DateTimeOffset.UtcNow,
|
|
UpdatedAt = DateTimeOffset.UtcNow
|
|
};
|
|
|
|
_context.Members.Add(newMember);
|
|
await _context.SaveChangesAsync();
|
|
}
|
|
}
|