Class AdminBlogController

Namespace
Builvero.Api.Controllers
Assembly
Builvero.Api.dll

Provides administrative API endpoints for blog post management including creation, updates, deletion, and image upload URL generation.

[ApiController]
[Route("api/admin/blog")]
[Authorize(Policy = "AdminWrite")]
public class AdminBlogController : ControllerBase
Inheritance
AdminBlogController
Remarks

This controller requires authorization via the "AdminWrite" policy for all operations. All endpoints are prefixed with /api/admin/blog.

The controller handles:

  • Blog post CRUD operations (create, read, update, delete)
  • Blog image upload URL generation for rich text editor

Error responses follow a consistent format: { "error": "error message" } for client errors (400, 404).

Constructors

AdminBlogController(IBlogService, ILogger<AdminBlogController>)

Initializes a new instance of the AdminBlogController class.

public AdminBlogController(IBlogService blogService, ILogger<AdminBlogController> logger)

Parameters

blogService IBlogService

Service for blog post operations.

logger ILogger<AdminBlogController>

Logger for recording controller operations and errors.

Methods

CreatePost(CreateBlogPostRequest, CancellationToken)

Creates a new blog post.

[HttpPost("posts")]
public Task<ActionResult<BlogPostDetailsDto>> CreatePost(CreateBlogPostRequest request, CancellationToken cancellationToken)

Parameters

request CreateBlogPostRequest

The blog post creation request.

cancellationToken CancellationToken

Cancellation token to cancel the operation.

Returns

Task<ActionResult<BlogPostDetailsDto>>

201 Created: Returns the created BlogPostDetailsDto

400 Bad Request: Invalid request data

500 Internal Server Error: Error creating post

Remarks

Requires "AdminWrite" policy. The slug is automatically generated from the subject and made unique. HTML content is sanitized before storage to prevent XSS attacks.

DeletePost(Guid, CancellationToken)

Deletes a blog post.

[HttpDelete("posts/{id}")]
public Task<IActionResult> DeletePost(Guid id, CancellationToken cancellationToken)

Parameters

id Guid

The unique identifier of the blog post to delete.

cancellationToken CancellationToken

Cancellation token to cancel the operation.

Returns

Task<IActionResult>

200 OK: Returns { "message": "Blog post deleted successfully" }

404 Not Found: Post not found

500 Internal Server Error: Error deleting post

Remarks

Requires "AdminWrite" policy. This operation is permanent and cannot be undone.

GenerateImageUploadUrl(string, string, CancellationToken)

Generates a presigned URL for uploading a blog image to S3.

[HttpPost("image-upload-url")]
public Task<ActionResult<BlogImageUploadResponse>> GenerateImageUploadUrl(string fileExtension, string contentType, CancellationToken cancellationToken)

Parameters

fileExtension string

The file extension of the image (e.g., "jpg", "png").

contentType string

The MIME type of the image (e.g., "image/jpeg", "image/png").

cancellationToken CancellationToken

Cancellation token to cancel the operation.

Returns

Task<ActionResult<BlogImageUploadResponse>>

200 OK: Returns BlogImageUploadResponse with upload URL, object key, and read URL

400 Bad Request: Invalid file extension or content type

500 Internal Server Error: Error generating upload URL

Remarks

Requires "AdminWrite" policy. The upload URL expires after 5 minutes. The read URL expires after 15 minutes.

Allowed file extensions: jpg, jpeg, png, gif, webp

Allowed content types: image/jpeg, image/jpg, image/png, image/gif, image/webp
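One way to enforce the two allowlists above before any presigned URL is issued, as an added example that is not Builvero.Api's own code. The class name, the extension-to-content-type pairing, the "blog-images/" key prefix and the error strings are assumptions made for illustration; the sample inputs in Main are constructed.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Hypothetical helper (not part of Builvero.Api): validates the two inputs of
// GenerateImageUploadUrl against the allowlists documented above.
public static class BlogImageUploadValidator
{
    // Extension -> content types accepted for it. Cross-checking the pair is an
    // assumption; the page lists both allowlists but not how they are combined.
    private static readonly Dictionary<string, string[]> Allowed =
        new(StringComparer.OrdinalIgnoreCase)
        {
            ["jpg"]  = new[] { "image/jpeg", "image/jpg" },
            ["jpeg"] = new[] { "image/jpeg", "image/jpg" },
            ["png"]  = new[] { "image/png" },
            ["gif"]  = new[] { "image/gif" },
            ["webp"] = new[] { "image/webp" },
        };

    public static (bool Ok, string ObjectKey, string Error) Validate(
        string fileExtension, string contentType)
    {
        // Normalize: trim whitespace and leading dots. The exact-match lookup
        // rejects anything carrying path characters, e.g. "png/../x".
        var ext = (fileExtension ?? "").Trim().TrimStart('.');
        var type = (contentType ?? "").Trim();

        if (!Allowed.TryGetValue(ext, out var types))
            return (false, "", "Invalid file extension");
        if (!types.Contains(type, StringComparer.OrdinalIgnoreCase))
            return (false, "", "Invalid content type");

        // The object key is generated server-side; the client never supplies a
        // file name. The "blog-images/" prefix is a constructed placeholder.
        var key = $"blog-images/{Guid.NewGuid():N}.{ext.ToLowerInvariant()}";
        return (true, key, "");
    }

    public static void Main()
    {
        // Constructed sample inputs: two valid pairs, then three rejections.
        foreach (var (e, c) in new[] { ("png", "image/png"), (".JPG", "image/jpeg"),
                 ("svg", "image/svg+xml"), ("png", "text/html"), ("png/../x", "image/png") })
        {
            var r = Validate(e, c);
            Console.WriteLine($"{e,-9} {c,-14} -> {(r.Ok ? r.ObjectKey : "400 " + r.Error)}");
        }
    }
}
```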

GetAllPosts(CancellationToken)

Retrieves all blog posts (both published and draft).

[HttpGet("posts")]
public Task<ActionResult<List<BlogPostSummaryDto>>> GetAllPosts(CancellationToken cancellationToken)

Parameters

cancellationToken CancellationToken

Cancellation token to cancel the operation.

Returns

Task<ActionResult<List<BlogPostSummaryDto>>>

200 OK: Returns list of BlogPostSummaryDto objects

500 Internal Server Error: Error retrieving posts

Remarks

Requires "AdminWrite" policy. Returns all posts regardless of publication status, ordered by creation date (newest first).

GetPost(Guid, CancellationToken)

Retrieves a blog post by its unique identifier.

[HttpGet("posts/{id}")]
public Task<ActionResult<BlogPostDetailsDto>> GetPost(Guid id, CancellationToken cancellationToken)

Parameters

id Guid

The unique identifier of the blog post.

cancellationToken CancellationToken

Cancellation token to cancel the operation.

Returns

Task<ActionResult<BlogPostDetailsDto>>

200 OK: Returns the BlogPostDetailsDto

404 Not Found: Post not found

Remarks

Requires "AdminWrite" policy. Returns both published and draft posts.

UpdatePost(Guid, UpdateBlogPostRequest, CancellationToken)

Updates an existing blog post.

[HttpPut("posts/{id}")]
public Task<ActionResult<BlogPostDetailsDto>> UpdatePost(Guid id, UpdateBlogPostRequest request, CancellationToken cancellationToken)

Parameters

id Guid

The unique identifier of the blog post to update.

request UpdateBlogPostRequest

The blog post update request.

cancellationToken CancellationToken

Cancellation token to cancel the operation.

Returns

Task<ActionResult<BlogPostDetailsDto>>

200 OK: Returns the updated BlogPostDetailsDto

400 Bad Request: Invalid request data

404 Not Found: Post not found

500 Internal Server Error: Error updating post

Remarks

Requires "AdminWrite" policy. The slug is regenerated if the subject changes. HTML content is sanitized before storage.