
using Marco.Pms.Model.Employees;
using Marco.Pms.Model.Entitlements;
using Marco.Pms.Model.Mapper;
using Marco.Pms.Model.Projects;
using Marco.Pms.Model.Utilities;
using Marco.Pms.Model.ViewModels.Employee;
using MarcoBMS.Services.Helpers;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
namespace MarcoBMS.Services.Controllers
{
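/// <summary>
/// API controller exposing data about the currently authenticated caller.
/// Every action requires authentication because of the class-level <c>[Authorize]</c>.
/// </summary>
[Route("api/[controller]")]
[ApiController]
[Authorize]
public class UserController : ControllerBase
{
    // Id of the feature permission that lets its holder see every project of the
    // tenant ("manage project", per the comment that accompanied the original literal).
    // Kept as a string because the check below compares against Id.ToString().
    private const string ManageProjectPermissionId = "172fc9b6-755b-4f62-ab26-55c34a330614";

    private readonly UserHelper _userHelper;
    private readonly EmployeeHelper _employeeHelper;
    private readonly ProjectsHelper _projectsHelper;
    private readonly RolesHelper _rolesHelper;

    /// <summary>
    /// Creates the controller with the helpers it uses to resolve the caller,
    /// the matching employee record, project visibility and feature permissions.
    /// </summary>
    public UserController(EmployeeHelper employeeHelper, ProjectsHelper projectsHelper, UserHelper userHelper, RolesHelper rolesHelper)
    {
        _userHelper = userHelper;
        _employeeHelper = employeeHelper;
        _projectsHelper = projectsHelper;
        _rolesHelper = rolesHelper;
    }

    /// <summary>
    /// Returns the profile of the calling user: employee details, the ids of the
    /// projects the user may see, and the ids of the user's feature permissions
    /// and features.
    /// </summary>
    /// <returns>
    /// 200 with an <c>EmployeeProfile</c> payload; 400 when model state is invalid;
    /// 401 when no current user can be resolved; 404 when the user has no employee record.
    /// </returns>
    [HttpGet("profile")]
    public async Task<IActionResult> GetUserProfileFromJwt()
    {
        if (!ModelState.IsValid)
        {
            var errors = ModelState.Values
                .SelectMany(v => v.Errors)
                .Select(e => e.ErrorMessage)
                .ToList();
            return BadRequest(ApiResponse<object>.ErrorResponse("Invalid data", errors, 400));
        }

        var user = await _userHelper.GetCurrentUserAsync();
        if (user == null)
        {
            // Fail closed: without a resolved identity there is no employee or tenant
            // to scope the lookups below, so do not continue with a default Employee.
            return Unauthorized(ApiResponse<object>.ErrorResponse(
                "Unauthorized",
                new List<string> { "The current user could not be resolved." },
                401));
        }

        Employee emp = await _employeeHelper.GetEmployeeByApplicationUserID(user.Id);
        if (emp == null)
        {
            // NOTE(review): assumes the helper signals "no such employee" with null — confirm.
            return NotFound(ApiResponse<object>.ErrorResponse(
                "Employee not found",
                new List<string> { "No employee record is linked to the current user." },
                404));
        }

        List<FeaturePermission> featurePermission = await _rolesHelper.GetFeaturePermissionByEmployeeID(emp.Id);

        string[] projectsId = [];
        bool canSeeAllProjects = featurePermission != null
            && featurePermission.Exists(c => c.Id.ToString() == ManageProjectPermissionId);

        if (canSeeAllProjects)
        {
            // The tenant id comes from the server-side employee record, never from
            // the request, so the "all projects" view stays inside the caller's tenant.
            List<Project> projects = await _projectsHelper.GetAllProjectByTanentID(emp.TenantId);
            projectsId = projects.Select(c => c.Id.ToString()).ToArray();
        }
        else
        {
            // Without the manage-project permission only explicitly allocated projects are listed.
            List<ProjectAllocation> allocation = await _projectsHelper.GetProjectByEmployeeID(emp.Id);
            projectsId = allocation.Select(c => c.ProjectId.ToString()).ToArray();
        }

        // When no permission list is available the response carries an empty profile,
        // matching the previous behaviour for that case.
        EmployeeProfile profile = new EmployeeProfile() { };
        if (featurePermission != null)
        {
            EmployeeVM employeeVM = EmployeeMapper.ToEmployeeVMFromEmployee(emp);
            profile = new EmployeeProfile()
            {
                EmployeeInfo = employeeVM,
                Projects = projectsId,
                FeaturePermissions = featurePermission.Select(c => c.Id.ToString()).Distinct().ToArray(),
                Features = featurePermission.Select(c => c.FeatureId.ToString()).Distinct().ToArray(),
            };
        }

        return Ok(ApiResponse<object>.SuccessResponse(profile, "Success", 200));
    }
}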
}