Greenfield: Improve store users API (#6427)

* Greenfield: Improve store users API

- Adds an endpoint to update store users (before they had to be removed ad re-added)
- Checks for the existance of a user and responds with 404 in that case (fixes #6423)
- Allows retrieval of user by user id or email for add and update (consistent with the other endpoints)
- Improves the API docs for the store users endpoints

* Swagger: Reuse UserIdOrEmail parameter component

* Add details to store user data

BTCPayServer/Controllers/GreenField/GreenfieldStoreUsersController.cs

@@ -11,6 +11,7 @@ using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Cors;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
+using StoreData = BTCPayServer.Data.StoreData;
 
 namespace BTCPayServer.Controllers.Greenfield
 {
@@ -30,10 +31,10 @@ namespace BTCPayServer.Controllers.Greenfield
 
         [Authorize(Policy = Policies.CanViewStoreSettings, AuthenticationSchemes = AuthenticationSchemes.Greenfield)]
         [HttpGet("~/api/v1/stores/{storeId}/users")]
-        public IActionResult GetStoreUsers()
+        public async Task<IActionResult> GetStoreUsers()
         {
             var store = HttpContext.GetStoreData();
-            return store == null ? StoreNotFound() : Ok(FromModel(store));
+            return store == null ? StoreNotFound() : Ok(await FromModel(store));
         }
 
         [Authorize(Policy = Policies.CanModifyStoreSettings, AuthenticationSchemes = AuthenticationSchemes.Greenfield)]
@@ -41,31 +42,28 @@ namespace BTCPayServer.Controllers.Greenfield
         public async Task<IActionResult> RemoveStoreUser(string storeId, string idOrEmail)
         {
             var store = HttpContext.GetStoreData();
-            if (store == null)
-            {
-                return StoreNotFound();
-            }
+            if (store == null) return StoreNotFound();
 
-            var userId = await _userManager.FindByIdOrEmail(idOrEmail);
-            if (userId != null && await _storeRepository.RemoveStoreUser(storeId, idOrEmail))
-            {
-                return Ok();
-            }
-
-            return this.CreateAPIError(409, "store-user-role-orphaned", "Removing this user would result in the store having no owner.");
+            var user = await _userManager.FindByIdOrEmail(idOrEmail);
+            if (user == null) return UserNotFound();
+            
+            return await _storeRepository.RemoveStoreUser(storeId, user.Id)
+                ? Ok()
+                : this.CreateAPIError(409, "store-user-role-orphaned", "Removing this user would result in the store having no owner.");
         }
 
         [Authorize(Policy = Policies.CanModifyStoreSettings, AuthenticationSchemes = AuthenticationSchemes.Greenfield)]
         [HttpPost("~/api/v1/stores/{storeId}/users")]
-        public async Task<IActionResult> AddStoreUser(string storeId, StoreUserData request)
+        [HttpPut("~/api/v1/stores/{storeId}/users/{idOrEmail?}")]
+        public async Task<IActionResult> AddOrUpdateStoreUser(string storeId, StoreUserData request, string idOrEmail = null)
         {
             var store = HttpContext.GetStoreData();
-            if (store == null)
-            {
-                return StoreNotFound();
-            }
-            StoreRoleId roleId = null;
+            if (store == null) return StoreNotFound();
 
+            var user = await _userManager.FindByIdOrEmail(idOrEmail ?? request.UserId);
+            if (user == null) return UserNotFound();
+            
+            StoreRoleId roleId = null;
             if (request.Role is not null)
             {
                 roleId = await _storeRepository.ResolveStoreRoleId(storeId, request.Role);
@@ -76,21 +74,42 @@ namespace BTCPayServer.Controllers.Greenfield
             if (!ModelState.IsValid)
                 return this.CreateValidationError(ModelState);
 
-            if (await _storeRepository.AddStoreUser(storeId, request.UserId, roleId))
-            {
-                return Ok();
-            }
-
-            return this.CreateAPIError(409, "duplicate-store-user-role", "The user is already added to the store");
+            var result = string.IsNullOrEmpty(idOrEmail)
+                ? await _storeRepository.AddStoreUser(storeId, user.Id, roleId)
+                : await _storeRepository.AddOrUpdateStoreUser(storeId, user.Id, roleId);
+            return result
+                ? Ok()
+                : this.CreateAPIError(409, "duplicate-store-user-role", "The user is already added to the store");
         }
 
-        private IEnumerable<StoreUserData> FromModel(Data.StoreData data)
+        private async Task<IEnumerable<StoreUserData>> FromModel(StoreData data)
         {
-            return data.UserStores.Select(store => new StoreUserData() { UserId = store.ApplicationUserId, Role = store.StoreRoleId });
+            var storeUsers = new List<StoreUserData>();
+            foreach (var storeUser in data.UserStores)
+            {
+                var user = await _userManager.FindByIdOrEmail(storeUser.ApplicationUserId);
+                var blob = user?.GetBlob();
+                storeUsers.Add(new StoreUserData
+                {
+                    UserId = storeUser.ApplicationUserId,
+                    Role = storeUser.StoreRoleId,
+                    Email = user?.Email,
+                    Name = blob?.Name,
+                    ImageUrl = blob?.ImageUrl,
+
+                });
+            }
+            return storeUsers;
         }
+
         private IActionResult StoreNotFound()
         {
             return this.CreateAPIError(404, "store-not-found", "The store was not found");
         }
+
+        private IActionResult UserNotFound()
+        {
+            return this.CreateAPIError(404, "user-not-found", "The user was not found");
+        }
     }
 }