social-media/src/Web/Features/Messages/Handlers/ChangeMessage.cs

using Hutopy.Web.Common;
using Hutopy.Web.Common.Security;
using Hutopy.Web.Features.Messages.Data;

namespace Hutopy.Web.Features.Messages.Handlers;

public sealed class ChangeMessageRequest
{
    public Guid? Id { get; set; }
    public required Guid SubjectId { get; set; }
    public required string Message { get; set; }
}

internal sealed class ChangeMessageRequestValidator
    : Validator<ChangeMessageRequest>
{
    public ChangeMessageRequestValidator()
    {
        RuleFor(r => r.SubjectId)
            .NotNull().WithMessage("You must specify a SubjectId")
            .NotEmpty().WithMessage("You must specify a non-empty SubjectId");

        RuleFor(r => r.Message)
            .NotNull().WithMessage("You must specify a Message")
            .NotEmpty().WithMessage("You must specify a non-empty Message");
    }
}

public class ChangeMessage(
    MessagingDbContext context)
    : Endpoint<ChangeMessageRequest>
{
    public override void Configure()
    {
        Post("/api/messages/update");
        Options(o => o.WithTags("Messages"));
    }

    public override async Task HandleAsync(
        ChangeMessageRequest req,
        CancellationToken ct)
    {
        var message = await context.Messages.FirstOrDefaultAsync(x => x.Id == req.Id, ct);
        
        if (message is null)
        {
            await SendNotFoundAsync(ct);
            return;
        }
        
        var userId = HttpContext.User.GetUserId();
        if (message.CreatedBy != userId)
        {
            await SendForbiddenAsync(ct);
            return;
        }

        message.SubjectId = req.SubjectId;
        message.Value = req.Message;

        context.Update(message);
        
        await context.SaveChangesAsync(ct);
    }
}