Table of Contents

Class ProjectJoinRequestsController

Namespace
Builvero.Api.Controllers
Assembly
Builvero.Api.dll

Provides API endpoints for managing project join requests, including creating requests, retrieving incoming/outgoing requests, responding to requests, and canceling requests.

[ApiController]
[Route("api/join-requests")]
[Authorize]
public class ProjectJoinRequestsController : ControllerBase
Inheritance
ProjectJoinRequestsController
Inherited Members

Remarks

All endpoints require authentication (JWT token) except for token-based response endpoints which are public. This controller handles:

  • Creating join requests to join projects (any authenticated user)
  • Retrieving incoming join requests (requests for projects the authenticated user owns)
  • Retrieving outgoing join requests (requests created by the authenticated user)
  • Responding to join requests (approve or decline, project owners only)
  • Responding to join requests via secure token (public endpoint, no authentication required)
  • Canceling pending join requests (requester only)

Join requests include a secure token that allows project owners to approve/decline via email links without requiring login. Join requests expire after 30 days if not responded to.

Constructors

ProjectJoinRequestsController(IProjectJoinRequestService)

Initializes a new instance of the ProjectJoinRequestsController class.

public ProjectJoinRequestsController(IProjectJoinRequestService joinRequestService)

Parameters

joinRequestService IProjectJoinRequestService

Service for project join request operations.

Methods

CancelRequest(Guid, CancellationToken)

Cancels a pending join request.

[HttpPost("{requestId}/cancel")]
public Task<ActionResult<ProjectJoinRequestDto>> CancelRequest(Guid requestId, CancellationToken cancellationToken)

Parameters

requestId Guid

The unique identifier of the join request to cancel.

cancellationToken CancellationToken

Cancellation token to cancel the operation.

Returns

Task<ActionResult<ProjectJoinRequestDto>>

200 OK: Returns updated ProjectJoinRequestDto with status set to Cancelled

403 Forbidden: User attempts to cancel a join request they didn't create

400 Bad Request: Join request not found, already responded to, or other error

Remarks

Requires authentication. Only the user who created the join request (the requester) can cancel it. Only pending join requests can be canceled. Once canceled, the request cannot be approved or declined.

CreateJoinRequest(Guid, CreateJoinRequestRequest, CancellationToken)

Creates a new join request, requesting to join a project.

[HttpPost("projects/{projectId}")]
public Task<ActionResult<ProjectJoinRequestDto>> CreateJoinRequest(Guid projectId, CreateJoinRequestRequest request, CancellationToken cancellationToken)

Parameters

projectId Guid

The unique identifier of the project to request to join.

request CreateJoinRequestRequest

The join request containing an optional message explaining why the user wants to join.

cancellationToken CancellationToken

Cancellation token to cancel the operation.

Returns

Task<ActionResult<ProjectJoinRequestDto>>

200 OK: Returns created ProjectJoinRequestDto

400 Bad Request: Invalid request data, project not found, user already a member, pending request exists, or other error

Remarks

Requires authentication. Any authenticated user can create a join request. The request includes a secure token and expires after 30 days. An email notification is sent to the project owner. If the user is already a member or has a pending request, an error is returned.

GetIncomingRequests(CancellationToken)

Retrieves all incoming join requests for projects owned by the authenticated user.

[HttpGet("incoming")]
public Task<ActionResult<List<ProjectJoinRequestDto>>> GetIncomingRequests(CancellationToken cancellationToken)

Parameters

cancellationToken CancellationToken

Cancellation token to cancel the operation.

Returns

Task<ActionResult<List<ProjectJoinRequestDto>>>

200 OK: Returns list of ProjectJoinRequestDto objects

400 Bad Request: Error retrieving join requests

Remarks

Requires authentication. Returns all join requests for projects where the authenticated user is the owner, filtered to only pending requests. Useful for project owners to see who wants to join their projects.

GetOutgoingRequests(CancellationToken)

Retrieves all outgoing join requests created by the authenticated user.

[HttpGet("outgoing")]
public Task<ActionResult<List<ProjectJoinRequestDto>>> GetOutgoingRequests(CancellationToken cancellationToken)

Parameters

cancellationToken CancellationToken

Cancellation token to cancel the operation.

Returns

Task<ActionResult<List<ProjectJoinRequestDto>>>

200 OK: Returns list of ProjectJoinRequestDto objects

400 Bad Request: Error retrieving join requests

Remarks

Requires authentication. Returns all join requests where the authenticated user is the requester, regardless of status (Pending, Approved, Declined, Cancelled, Expired). Useful for users to track their own join requests.

RespondToRequest(Guid, RespondToJoinRequestRequest, CancellationToken)

Responds to a join request by approving or declining it.

[HttpPost("{requestId}/respond")]
public Task<ActionResult<ProjectJoinRequestDto>> RespondToRequest(Guid requestId, RespondToJoinRequestRequest request, CancellationToken cancellationToken)

Parameters

requestId Guid

The unique identifier of the join request to respond to.

request RespondToJoinRequestRequest

The response request containing approve/decline decision and optional reason.

cancellationToken CancellationToken

Cancellation token to cancel the operation.

Returns

Task<ActionResult<ProjectJoinRequestDto>>

200 OK: Returns updated ProjectJoinRequestDto

403 Forbidden: User is not the project owner and cannot approve/decline this request

400 Bad Request: Join request not found, already responded to, expired, or other error

Remarks

Requires authentication. Only the project owner can respond to join requests. If approved, creates an active project membership for the requester. If declined, marks the request as declined. An email notification is sent to the requester.

RespondToRequestByToken(RespondToJoinRequestByTokenRequest, CancellationToken)

Responds to a join request using a secure token (public endpoint, no authentication required).

[HttpPost("respond-by-token")]
[AllowAnonymous]
public Task<ActionResult<ProjectJoinRequestDto>> RespondToRequestByToken(RespondToJoinRequestByTokenRequest request, CancellationToken cancellationToken)

Parameters

request RespondToJoinRequestByTokenRequest

The response request containing the join request token, approve/decline decision, and optional reason.

cancellationToken CancellationToken

Cancellation token to cancel the operation.

Returns

Task<ActionResult<ProjectJoinRequestDto>>

200 OK: Returns updated ProjectJoinRequestDto

400 Bad Request: Invalid token, join request not found, already responded to, expired, or other error

Remarks

This is a public endpoint (no authentication required) that allows project owners to respond to join requests via email links. The secure token is included in the join request email and provides access without requiring login. If approved, creates an active project membership for the requester. If declined, marks the request as declined.

Edit this page