From 6acb536aefc599fb0ca5075b5f279f8c412ed4d0 Mon Sep 17 00:00:00 2001
From: JakkrapartXD <jakkrapart_in66@live.rmutl.ac.th>
Date: Fri, 23 Jan 2026 11:29:46 +0700
Subject: [PATCH] add filter APPROVED to couse to see olny APPROVED course

---
 .../ChaptersLessonInstructorController.ts     | 16 +------------
 .../src/services/CoursesStudent.service.ts    | 24 ++++++++++++++++++-
 Backend/src/services/courses.service.ts       | 11 +++++++--
 3 files changed, 33 insertions(+), 18 deletions(-)

diff --git a/Backend/src/controllers/ChaptersLessonInstructorController.ts b/Backend/src/controllers/ChaptersLessonInstructorController.ts
index 08e83689..5a26b709 100644
--- a/Backend/src/controllers/ChaptersLessonInstructorController.ts
+++ b/Backend/src/controllers/ChaptersLessonInstructorController.ts
@@ -2,7 +2,6 @@ import { Body, Delete, Get, Path, Post, Put, Request, Response, Route, Security,
 import { ValidationError } from '../middleware/errorHandler';
 import { ChaptersLessonService } from '../services/ChaptersLesson.service';
 import {
-    ListChaptersResponse,
     CreateChapterResponse,
     UpdateChapterResponse,
     DeleteChapterResponse,
@@ -33,22 +32,9 @@ export class ChaptersLessonInstructorController {
 
     // ============================================
     // Chapter Endpoints
+    // Note: Use CoursesInstructorController.getMyCourse to get chapters with full details
     // ============================================
 
-    /**
-     * ดึง chapters ทั้งหมดของ course (พร้อม lessons)
-     * Get all chapters of a course with lessons
-     */
-    @Get('chapters')
-    @Security('jwt', ['instructor'])
-    @SuccessResponse('200', 'Chapters retrieved successfully')
-    @Response('401', 'Unauthorized')
-    public async listChapters(@Request() request: any, @Path() courseId: number): Promise<ListChaptersResponse> {
-        const token = request.headers.authorization?.replace('Bearer ', '');
-        if (!token) throw new ValidationError('No token provided');
-        return await chaptersLessonService.listChapters({ token, course_id: courseId });
-    }
-
     /**
      * สร้าง chapter ใหม่
      * Create a new chapter
diff --git a/Backend/src/services/CoursesStudent.service.ts b/Backend/src/services/CoursesStudent.service.ts
index b66edfe3..cadeaf94 100644
--- a/Backend/src/services/CoursesStudent.service.ts
+++ b/Backend/src/services/CoursesStudent.service.ts
@@ -32,6 +32,28 @@ export class CoursesStudentService {
         try {
             const { course_id } = input;
             const decoded = jwt.verify(input.token, config.jwt.secret) as { id: number; type: string };
+
+            const course = await prisma.course.findUnique({
+                where: { id: course_id },
+            });
+
+            if (!course) throw new NotFoundError('Course not found');
+
+            if (course.status !== 'APPROVED') throw new ForbiddenError('Cannot enroll in this course. Course is not available.');
+
+            const existingEnrollment = await prisma.enrollment.findUnique({
+                where: {
+                    unique_enrollment: {
+                        user_id: decoded.id,
+                        course_id,
+                    },
+                },
+            });
+
+            if (existingEnrollment) {
+                throw new ValidationError('Already enrolled in this course');
+            }
+
             const enrollment = await prisma.enrollment.create({
                 data: {
                     course_id,
@@ -270,7 +292,7 @@ export class CoursesStudentService {
             const decoded = jwt.verify(token, config.jwt.secret) as { id: number; type: string };
 
             // Import MinIO functions
-            
+
             // Check enrollment
             const enrollment = await prisma.enrollment.findUnique({
                 where: {
diff --git a/Backend/src/services/courses.service.ts b/Backend/src/services/courses.service.ts
index a09cc70b..0889969a 100644
--- a/Backend/src/services/courses.service.ts
+++ b/Backend/src/services/courses.service.ts
@@ -8,7 +8,9 @@ import { UnauthorizedError, ValidationError, ForbiddenError } from '../middlewar
 export class CoursesService {
     async ListCourses(category_id?: number): Promise<listCourseResponse> {
         try {
-            const where: Prisma.CourseWhereInput = {};
+            const where: Prisma.CourseWhereInput = {
+                status: 'APPROVED', 
+            };
 
             if (category_id) {
                 where.category_id = category_id;
@@ -30,7 +32,12 @@ export class CoursesService {
 
     async GetCourseById(id: number): Promise<getCourseResponse> {
         try {
-            const course = await prisma.course.findUnique({ where: { id } });
+            const course = await prisma.course.findFirst({
+                where: {
+                    id,
+                    status: 'APPROVED' // Only show approved courses to students
+                }
+            });
             return {
                 code: 200,
                 message: 'Course fetched successfully',