Merge pull request #34 from Azm-Tech/feat/add-countries-lookup

Feat/sprint-6

Author: Rashed99Azm

backend/permissions.yaml

@@ -187,3 +187,7 @@ groups:
     CountryProfiles:
       description: Generate country profiles report
       roles: [cce-super-admin, cce-admin]
+  Lookup:
+    Manage:
+      description: Manage lookup tables (nationalities, country phone codes)
+      roles: [cce-super-admin]

backend/src/CCE.Api.Common/Auth/AuthEndpoints.cs

@@ -29,7 +29,8 @@ public static IEndpointRouteBuilder MapAuthEndpoints(this IEndpointRouteBuilder
                 body.OrganizationName,
                 body.PhoneNumber,
                 body.Password,
-                body.ConfirmPassword), ct).ConfigureAwait(false);
+                body.ConfirmPassword,
+                body.CountryCodeId), ct).ConfigureAwait(false);
             return result.ToCreatedHttpResult();
         })
         .AllowAnonymous()

backend/src/CCE.Api.Common/Localization/Resources.yaml

@@ -51,16 +51,8 @@ IDENTITY_USERNAME_EXISTS:
   en: "Username already taken"
 
 IDENTITY_INVALID_CREDENTIALS:
-  ar: "عذرًا، حدثت مشكلة أثناء تسجيل الدخول"
-  en: "Sorry, a problem occurred during login"
-
-IDENTITY_INVALID_TOKEN:
-  ar: "رمز الوصول غير صالح"
-  en: "Invalid access token"
-
-IDENTITY_ACCOUNT_DEACTIVATED:
-  ar: "عذرًا، حدثت مشكلة أثناء تسجيل الدخول"
-  en: "Sorry, a problem occurred during login"
+  ar: "البريد الإلكتروني أو كلمة المرور غير صحيحة"
+  en: "Invalid email or password"
 
 IDENTITY_NOT_AUTHENTICATED:
   ar: "المستخدم غير مصادق"
@@ -78,6 +70,14 @@ IDENTITY_STATE_REP_ASSIGNMENT_EXISTS:
   ar: "التعيين موجود بالفعل"
   en: "Assignment already exists"
 
+IDENTITY_INVALID_TOKEN:
+  ar: "رمز الوصول غير صالح"
+  en: "Invalid access token"
+
+IDENTITY_ACCOUNT_DEACTIVATED:
+  ar: "الحساب غير نشط"
+  en: "Account is deactivated"
+
 CONTENT_RESOURCE_NOT_FOUND:
   ar: "المورد غير موجود"
   en: "Resource not found"
@@ -189,12 +189,12 @@ USER_NOT_FOUND:
   en: "Sorry, user not found"
 
 EMAIL_EXISTS:
-  ar: "عذرًا، حدثت مشكلة أثناء إنشاء الحساب"
-  en: "Sorry, a problem occurred while creating the account"
+  ar: "البريد الإلكتروني مستخدم بالفعل"
+  en: "An account with this email already exists"
 
 INVALID_CREDENTIALS:
-  ar: "عذرًا، حدثت مشكلة أثناء تسجيل الدخول"
-  en: "Sorry, a problem occurred during login"
+  ar: "البريد الإلكتروني أو كلمة المرور غير صحيحة"
+  en: "Invalid email or password"
 
 NOT_AUTHENTICATED:
   ar: "المستخدم غير مصادق"

backend/src/CCE.Api.External/Endpoints/AssetEndpoints.cs

@@ -0,0 +1,76 @@
+using CCE.Api.Common.Auth;
+using CCE.Api.Common.Extensions;
+using CCE.Application.Common.Interfaces;
+using CCE.Application.Content.Commands.UploadAsset;
+using CCE.Application.Content.Queries.GetAssetById;
+using CCE.Infrastructure;
+using MediatR;
+using Microsoft.AspNetCore.Builder;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Routing;
+using Microsoft.Extensions.Options;
+
+namespace CCE.Api.External.Endpoints;
+
+public static class AssetEndpoints
+{
+    public static IEndpointRouteBuilder MapAssetEndpoints(this IEndpointRouteBuilder app)
+    {
+        var assets = app.MapGroup("/api/assets").WithTags("Assets").RequireAuthorization();
+
+        assets.MapPost("", async (
+            IFormFile file,
+            ICurrentUserAccessor currentUser,
+            IMediator mediator,
+            IOptions<CceInfrastructureOptions> infraOpts,
+            CancellationToken ct) =>
+        {
+            if (currentUser.GetUserId() is null) return Results.Unauthorized();
+
+            if (file is null || file.Length == 0)
+                return Results.BadRequest(new { error = "Upload requires a non-empty file." });
+
+            var allowed = infraOpts.Value.AllowedAssetMimeTypes;
+            if (!allowed.Contains(file.ContentType, System.StringComparer.OrdinalIgnoreCase))
+                return Results.StatusCode(StatusCodes.Status415UnsupportedMediaType);
+
+            await using var stream = file.OpenReadStream();
+            var result = await mediator.Send(
+                new UploadAssetCommand(stream, file.FileName, file.ContentType, file.Length),
+                ct).ConfigureAwait(false);
+
+            return result.Success
+                ? Results.Created($"/api/assets/{result.Data!.Id}", result)
+                : result.ToHttpResult();
+        })
+        .WithName("UploadAsset")
+        .DisableAntiforgery()
+        .WithMetadata(new RequestSizeLimitMetadataImpl(20L * 1024L * 1024L));
+
+        assets.MapGet("{id:guid}", async (
+            System.Guid id,
+            ICurrentUserAccessor currentUser,
+            IMediator mediator,
+            CancellationToken ct) =>
+        {
+            var userId = currentUser.GetUserId() ?? System.Guid.Empty;
+            if (userId == System.Guid.Empty) return Results.Unauthorized();
+
+            var result = await mediator.Send(new GetAssetByIdQuery(id), ct).ConfigureAwait(false);
+
+            if (!result.Success || result.Data!.UploadedById != userId)
+                return Results.NotFound();
+
+            return result.ToHttpResult();
+        })
+        .WithName("GetAssetById");
+
+        return app;
+    }
+
+    private sealed class RequestSizeLimitMetadataImpl : Microsoft.AspNetCore.Http.Metadata.IRequestSizeLimitMetadata
+    {
+        public RequestSizeLimitMetadataImpl(long? max) { MaxRequestBodySize = max; }
+        public long? MaxRequestBodySize { get; }
+    }
+}

backend/src/CCE.Api.External/Endpoints/CountryCodesPublicEndpoints.cs

@@ -0,0 +1,39 @@
+using CCE.Application.Lookups.Queries.GetCountryCodeById;
+using CCE.Application.Lookups.Queries.ListCountryCodes;
+using MediatR;
+using Microsoft.AspNetCore.Builder;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Routing;
+
+namespace CCE.Api.External.Endpoints;
+
+public static class CountryCodesPublicEndpoints
+{
+    public static IEndpointRouteBuilder MapCountryCodesPublicEndpoints(this IEndpointRouteBuilder app)
+    {
+        var group = app.MapGroup("/api/country-codes").WithTags("CountryCodes");
+
+        group.MapGet("", async (
+            string? search, bool? isActive,
+            IMediator mediator, CancellationToken ct) =>
+        {
+            var query = new ListCountryCodesQuery(Search: search, IsActive: isActive);
+            var result = await mediator.Send(query, ct).ConfigureAwait(false);
+            return Results.Ok(result);
+        })
+        .AllowAnonymous()
+        .WithName("ListPublicCountryCodes");
+
+        group.MapGet("/{id:guid}", async (
+            System.Guid id,
+            IMediator mediator, CancellationToken ct) =>
+        {
+            var result = await mediator.Send(new GetCountryCodeByIdQuery(id), ct).ConfigureAwait(false);
+            return result.Success ? Results.Ok(result) : Results.NotFound(result);
+        })
+        .AllowAnonymous()
+        .WithName("GetPublicCountryCodeById");
+
+        return app;
+    }
+}

backend/src/CCE.Api.External/Endpoints/ProfileEndpoints.cs

@@ -34,7 +34,8 @@ public static IEndpointRouteBuilder MapProfileEndpoints(this IEndpointRouteBuild
                 body.OrganizationName,
                 body.PhoneNumber,
                 body.Password,
-                body.ConfirmPassword), ct).ConfigureAwait(false);
+                body.ConfirmPassword,
+                body.CountryCodeId), ct).ConfigureAwait(false);
             return result.ToCreatedHttpResult();
         })
         .AllowAnonymous()
@@ -50,7 +51,8 @@ public static IEndpointRouteBuilder MapProfileEndpoints(this IEndpointRouteBuild
             if (userId == System.Guid.Empty) return Results.Unauthorized();
             var cmd = new SubmitExpertRequestCommand(
                 userId, body.RequestedBioAr, body.RequestedBioEn,
-                body.RequestedTags ?? System.Array.Empty<string>());
+                body.RequestedTags ?? System.Array.Empty<string>(),
+                body.CvAssetFileId);
             var result = await mediator.Send(cmd, ct).ConfigureAwait(false);
             return result.ToCreatedHttpResult();
         })
@@ -77,9 +79,11 @@ public static IEndpointRouteBuilder MapProfileEndpoints(this IEndpointRouteBuild
             var userId = currentUser.GetUserId() ?? System.Guid.Empty;
             if (userId == System.Guid.Empty) return Results.Unauthorized();
             var cmd = new UpdateMyProfileCommand(
-                userId, body.LocalePreference, body.KnowledgeLevel,
+                userId,
+                body.FirstName, body.LastName, body.JobTitle, body.OrganizationName,
+                body.LocalePreference, body.KnowledgeLevel,
                 body.Interests ?? System.Array.Empty<string>(),
-                body.AvatarUrl, body.CountryId);
+                body.AvatarUrl, body.CountryId, body.CountryCodeId);
             var result = await mediator.Send(cmd, ct).ConfigureAwait(false);
             return result.ToHttpResult();
         })

backend/src/CCE.Api.External/Program.cs

@@ -95,6 +95,7 @@
 app.MapHub<NotificationsHub>("/hubs/notifications");
 
 app.MapProfileEndpoints();
+app.MapAssetEndpoints();
 app.MapAuthEndpoints(CCE.Application.Identity.Auth.Common.LocalAuthApi.External);
 app.MapNotificationsEndpoints();
 app.MapNewsPublicEndpoints();
@@ -118,6 +119,7 @@
 app.MapPoliciesSettingsPublicEndpoints();
 app.MapMediaPublicEndpoints();
 app.MapVerificationEndpoints();
+app.MapCountryCodesPublicEndpoints();
 
 app.MapGet("/health", async (IMediator mediator) =>
 {

backend/src/CCE.Api.External/appsettings.Development.json

@@ -91,5 +91,8 @@
   },
   "Otp": {
     "HmacSecret": "3ahs3DvW/rdx+InzjOCpqSUDSFuvyF59sPjziVdeIhE="
+  },
+  "Frontend": {
+    "PasswordResetUrl": "http://localhost:4200"
   }
 }

backend/src/CCE.Api.External/appsettings.Production.json

@@ -83,5 +83,8 @@
       "BaseUrl": "https://cce-mocks.bonto.run",
       "TimeoutSeconds": 30
     }
+  },
+  "Frontend": {
+    "PasswordResetUrl": "http://localhost:4200"
   }
 }

backend/src/CCE.Api.External/appsettings.json

@@ -75,6 +75,6 @@
     "EnableTracing": true
   },
   "Otp": {
-    "HmacSecret": "replace-with-32-byte-base64-hmac-secret"
+    "HmacSecret": "Bu7y2mktcNeV5dMdCmg8W2ZTRyPty9snQ7Q8QKrA2YY="
   }
 }