ShopSolution-backend/Webshop.Api/Controllers/Admin/AdminReviewsController.cs

// src/Webshop.Api/Controllers/Admin/AdminReviewsController.cs
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using System;
using System.Threading.Tasks;
using Webshop.Application.Services.Admin;

namespace Webshop.Api.Controllers.Admin
{
    [ApiController]
    [Route("api/v1/admin/[controller]")]
    [Authorize(Roles = "Admin")]
    public class AdminReviewsController : ControllerBase
    {
        private readonly IAdminReviewService _adminReviewService;

        public AdminReviewsController(IAdminReviewService adminReviewService)
        {
            _adminReviewService = adminReviewService;
        }

        [HttpGet]
        public async Task<IActionResult> GetAllReviews()
        {
            var reviews = await _adminReviewService.GetAllReviewsAsync();
            return Ok(reviews);
        }

        [HttpPost("{id}/approve")]
        public async Task<IActionResult> ApproveReview(Guid id)
        {
            var result = await _adminReviewService.ApproveReviewAsync(id);
            if (result.Type == Application.ServiceResultType.Success) return NoContent();
            return NotFound(new { Message = result.ErrorMessage });
        }

        [HttpDelete("{id}")]
        public async Task<IActionResult> DeleteReview(Guid id)
        {
            var result = await _adminReviewService.DeleteReviewAsync(id);
            if (result.Type == Application.ServiceResultType.Success) return NoContent();
            return NotFound(new { Message = result.ErrorMessage });
        }
    }
}