make admin approve api

Backend/src/controllers/AdminCourseApprovalController.ts

@@ -0,0 +1,100 @@
+import { Body, Get, Path, Post, Request, Response, Route, Security, SuccessResponse, Tags } from 'tsoa';
+import { ValidationError } from '../middleware/errorHandler';
+import { AdminCourseApprovalService } from '../services/AdminCourseApproval.service';
+import {
+    ListPendingCoursesResponse,
+    GetCourseDetailForAdminResponse,
+    ApproveCourseBody,
+    ApproveCourseResponse,
+    RejectCourseBody,
+    RejectCourseResponse,
+} from '../types/AdminCourseApproval.types';
+
+@Route('api/admin/courses')
+@Tags('Admin/CourseApproval')
+export class AdminCourseApprovalController {
+
+    /**
+     * ดึงรายการคอร์สที่รอการอนุมัติ
+     * Get all courses pending for approval
+     */
+    @Get('pending')
+    @Security('jwt', ['admin'])
+    @SuccessResponse('200', 'Pending courses retrieved successfully')
+    @Response('401', 'Unauthorized')
+    @Response('403', 'Forbidden - Admin only')
+    public async listPendingCourses(@Request() request: any): Promise<ListPendingCoursesResponse> {
+        const token = request.headers.authorization?.replace('Bearer ', '');
+        if (!token) {
+            throw new ValidationError('No token provided');
+        }
+        return await AdminCourseApprovalService.listPendingCourses();
+    }
+
+    /**
+     * ดึงรายละเอียดคอร์สสำหรับการตรวจสอบ
+     * Get course details for admin review
+     * @param courseId - รหัสคอร์ส / Course ID
+     */
+    @Get('{courseId}')
+    @Security('jwt', ['admin'])
+    @SuccessResponse('200', 'Course details retrieved successfully')
+    @Response('401', 'Unauthorized')
+    @Response('403', 'Forbidden - Admin only')
+    @Response('404', 'Course not found')
+    public async getCourseDetail(@Request() request: any, @Path() courseId: number): Promise<GetCourseDetailForAdminResponse> {
+        const token = request.headers.authorization?.replace('Bearer ', '');
+        if (!token) {
+            throw new ValidationError('No token provided');
+        }
+        return await AdminCourseApprovalService.getCourseDetail(courseId);
+    }
+
+    /**
+     * อนุมัติคอร์ส
+     * Approve a course for publication
+     * @param courseId - รหัสคอร์ส / Course ID
+     */
+    @Post('{courseId}/approve')
+    @Security('jwt', ['admin'])
+    @SuccessResponse('200', 'Course approved successfully')
+    @Response('400', 'Course is not pending for approval')
+    @Response('401', 'Unauthorized')
+    @Response('403', 'Forbidden - Admin only')
+    @Response('404', 'Course not found')
+    public async approveCourse(
+        @Request() request: any,
+        @Path() courseId: number,
+        @Body() body?: ApproveCourseBody
+    ): Promise<ApproveCourseResponse> {
+        const token = request.headers.authorization?.replace('Bearer ', '');
+        if (!token) {
+            throw new ValidationError('No token provided');
+        }
+        return await AdminCourseApprovalService.approveCourse(token, courseId, body?.comment);
+    }
+
+    /**
+     * ปฏิเสธคอร์ส
+     * Reject a course (requires comment)
+     * @param courseId - รหัสคอร์ส / Course ID
+     */
+    @Post('{courseId}/reject')
+    @Security('jwt', ['admin'])
+    @SuccessResponse('200', 'Course rejected successfully')
+    @Response('400', 'Course is not pending for approval or comment is required')
+    @Response('401', 'Unauthorized')
+    @Response('403', 'Forbidden - Admin only')
+    @Response('404', 'Course not found')
+    public async rejectCourse(
+        @Request() request: any,
+        @Path() courseId: number,
+        @Body() body: RejectCourseBody
+    ): Promise<RejectCourseResponse> {
+        const token = request.headers.authorization?.replace('Bearer ', '');
+        if (!token) {
+            throw new ValidationError('No token provided');
+        }
+        return await AdminCourseApprovalService.rejectCourse(token, courseId, body.comment);
+    }
+}