src/Meezi.API/Controllers/CafeSettingsController.cs

using FluentValidation;
using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;
using Meezi.API.Models.Cafes;
using Meezi.API.Services;
using Meezi.Core.Interfaces;
using Meezi.Core.Utilities;
using Meezi.Infrastructure.Branding;
using Meezi.Infrastructure.Data;
using Meezi.Shared;

namespace Meezi.API.Controllers;

[Route("api/cafes/{cafeId}/settings")]
public class CafeSettingsController : CafeApiControllerBase
{
    private readonly AppDbContext _db;
    private readonly IValidator<PatchCafeSettingsRequest> _validator;

    public CafeSettingsController(AppDbContext db, IValidator<PatchCafeSettingsRequest> validator)
    {
        _db = db;
        _validator = validator;
    }

    [HttpGet]
    public async Task<IActionResult> Get(string cafeId, ITenantContext tenant, CancellationToken ct)
    {
        if (EnsureCafeAccess(cafeId, tenant) is { } denied) return denied;
        var cafe = await _db.Cafes.AsNoTracking().FirstOrDefaultAsync(c => c.Id == cafeId, ct);
        if (cafe is null) return NotFoundError();
        return Ok(new ApiResponse<CafeSettingsDto>(true, ToDto(cafe)));
    }

    [HttpPatch]
    public async Task<IActionResult> Patch(
        string cafeId,
        [FromBody] PatchCafeSettingsRequest request,
        ITenantContext tenant,
        CancellationToken ct)
    {
        if (EnsureCafeAccess(cafeId, tenant) is { } denied) return denied;

        var validation = await _validator.ValidateAsync(request, ct);
        if (!validation.IsValid)
        {
            var first = validation.Errors.First();
            return BadRequest(new ApiResponse<object>(false, null,
                new ApiError("VALIDATION_ERROR", first.ErrorMessage, first.PropertyName)));
        }

        if (request.DefaultTaxRate is not null || request.AllowBranchTaxOverride is not null)
        {
            if (EnsureOwner(tenant) is { } ownerDenied) return ownerDenied;
        }

        var cafe = await _db.Cafes.FirstOrDefaultAsync(c => c.Id == cafeId, ct);
        if (cafe is null) return NotFoundError();

        if (request.Name is not null) cafe.Name = request.Name.Trim();

        if (request.Slug is not null)
        {
            var newSlug = request.Slug.Trim().ToLowerInvariant();
            if (!SlugHelper.IsValidSlug(newSlug))
                return BadRequest(new ApiResponse<object>(false, null,
                    new ApiError("INVALID_SLUG", "Slug must be 2-80 lowercase letters, digits, or hyphens.")));

            var taken = await _db.Cafes.AnyAsync(c => c.Slug == newSlug && c.Id != cafeId, ct);
            if (taken)
                return Conflict(new ApiResponse<object>(false, null,
                    new ApiError("SLUG_TAKEN", "This Koja profile address is already in use. Please choose another.")));

            cafe.Slug = newSlug;
        }
        if (request.Phone is not null) cafe.Phone = request.Phone.Trim();
        if (request.Address is not null) cafe.Address = request.Address.Trim();
        if (request.City is not null) cafe.City = request.City.Trim();
        if (request.Description is not null) cafe.Description = request.Description.Trim();
        if (request.LogoUrl is not null) cafe.LogoUrl = request.LogoUrl.Trim();
        if (request.CoverImageUrl is not null) cafe.CoverImageUrl = request.CoverImageUrl.Trim();
        if (request.SnappfoodVendorId is not null) cafe.SnappfoodVendorId = request.SnappfoodVendorId.Trim();
        if (request.Theme is not null)
            cafe.ThemeJson = CafeThemeSerializer.Serialize(CafeThemeMapping.FromDto(request.Theme));
        if (request.DefaultTaxRate is decimal taxRate)
            cafe.DefaultTaxRate = taxRate;
        if (request.AllowBranchTaxOverride is bool allowTax)
            cafe.AllowBranchTaxOverride = allowTax;

        await _db.SaveChangesAsync(ct);
        return Ok(new ApiResponse<CafeSettingsDto>(true, ToDto(cafe)));
    }

    private static CafeSettingsDto ToDto(Core.Entities.Cafe cafe) => new(
        cafe.Id,
        cafe.Name,
        cafe.Slug,
        cafe.Phone,
        cafe.Address,
        cafe.City,
        cafe.Description,
        cafe.LogoUrl,
        cafe.CoverImageUrl,
        cafe.SnappfoodVendorId,
        cafe.PlanTier.ToString(),
        cafe.PlanExpiresAt,
        CafeThemeMapping.FromJson(cafe.ThemeJson),
        cafe.DefaultTaxRate,
        cafe.AllowBranchTaxOverride);
}
feat(api): .NET 10 multi-tenant REST API 2026-05-27 21:33:48 +03:30			`using FluentValidation;`
			`using Microsoft.AspNetCore.Mvc;`
			`using Microsoft.EntityFrameworkCore;`
			`using Meezi.API.Models.Cafes;`
			`using Meezi.API.Services;`
			`using Meezi.Core.Interfaces;`
fix: sidebar accordion + koja slug + support ticket LINQ crash 2026-05-31 22:28:25 +03:30			`using Meezi.Core.Utilities;`
feat(api): .NET 10 multi-tenant REST API 2026-05-27 21:33:48 +03:30			`using Meezi.Infrastructure.Branding;`
			`using Meezi.Infrastructure.Data;`
			`using Meezi.Shared;`

			`namespace Meezi.API.Controllers;`

			`[Route("api/cafes/{cafeId}/settings")]`
			`public class CafeSettingsController : CafeApiControllerBase`
			`{`
			`private readonly AppDbContext _db;`
			`private readonly IValidator<PatchCafeSettingsRequest> _validator;`

			`public CafeSettingsController(AppDbContext db, IValidator<PatchCafeSettingsRequest> validator)`
			`{`
			`_db = db;`
			`_validator = validator;`
			`}`

			`[HttpGet]`
			`public async Task<IActionResult> Get(string cafeId, ITenantContext tenant, CancellationToken ct)`
			`{`
			`if (EnsureCafeAccess(cafeId, tenant) is { } denied) return denied;`
			`var cafe = await _db.Cafes.AsNoTracking().FirstOrDefaultAsync(c => c.Id == cafeId, ct);`
			`if (cafe is null) return NotFoundError();`
			`return Ok(new ApiResponse<CafeSettingsDto>(true, ToDto(cafe)));`
			`}`

			`[HttpPatch]`
			`public async Task<IActionResult> Patch(`
			`string cafeId,`
			`[FromBody] PatchCafeSettingsRequest request,`
			`ITenantContext tenant,`
			`CancellationToken ct)`
			`{`
			`if (EnsureCafeAccess(cafeId, tenant) is { } denied) return denied;`

			`var validation = await _validator.ValidateAsync(request, ct);`
			`if (!validation.IsValid)`
			`{`
			`var first = validation.Errors.First();`
			`return BadRequest(new ApiResponse<object>(false, null,`
			`new ApiError("VALIDATION_ERROR", first.ErrorMessage, first.PropertyName)));`
			`}`

			`if (request.DefaultTaxRate is not null \|\| request.AllowBranchTaxOverride is not null)`
			`{`
			`if (EnsureOwner(tenant) is { } ownerDenied) return ownerDenied;`
			`}`

			`var cafe = await _db.Cafes.FirstOrDefaultAsync(c => c.Id == cafeId, ct);`
			`if (cafe is null) return NotFoundError();`

			`if (request.Name is not null) cafe.Name = request.Name.Trim();`
fix: sidebar accordion + koja slug + support ticket LINQ crash 2026-05-31 22:28:25 +03:30
			`if (request.Slug is not null)`
			`{`
			`var newSlug = request.Slug.Trim().ToLowerInvariant();`
			`if (!SlugHelper.IsValidSlug(newSlug))`
			`return BadRequest(new ApiResponse<object>(false, null,`
			`new ApiError("INVALID_SLUG", "Slug must be 2-80 lowercase letters, digits, or hyphens.")));`

			`var taken = await _db.Cafes.AnyAsync(c => c.Slug == newSlug && c.Id != cafeId, ct);`
			`if (taken)`
			`return Conflict(new ApiResponse<object>(false, null,`
			`new ApiError("SLUG_TAKEN", "This Koja profile address is already in use. Please choose another.")));`

			`cafe.Slug = newSlug;`
			`}`
feat(api): .NET 10 multi-tenant REST API 2026-05-27 21:33:48 +03:30			`if (request.Phone is not null) cafe.Phone = request.Phone.Trim();`
			`if (request.Address is not null) cafe.Address = request.Address.Trim();`
			`if (request.City is not null) cafe.City = request.City.Trim();`
			`if (request.Description is not null) cafe.Description = request.Description.Trim();`
			`if (request.LogoUrl is not null) cafe.LogoUrl = request.LogoUrl.Trim();`
			`if (request.CoverImageUrl is not null) cafe.CoverImageUrl = request.CoverImageUrl.Trim();`
			`if (request.SnappfoodVendorId is not null) cafe.SnappfoodVendorId = request.SnappfoodVendorId.Trim();`
			`if (request.Theme is not null)`
			`cafe.ThemeJson = CafeThemeSerializer.Serialize(CafeThemeMapping.FromDto(request.Theme));`
			`if (request.DefaultTaxRate is decimal taxRate)`
			`cafe.DefaultTaxRate = taxRate;`
			`if (request.AllowBranchTaxOverride is bool allowTax)`
			`cafe.AllowBranchTaxOverride = allowTax;`

			`await _db.SaveChangesAsync(ct);`
			`return Ok(new ApiResponse<CafeSettingsDto>(true, ToDto(cafe)));`
			`}`

			`private static CafeSettingsDto ToDto(Core.Entities.Cafe cafe) => new(`
			`cafe.Id,`
			`cafe.Name,`
			`cafe.Slug,`
			`cafe.Phone,`
			`cafe.Address,`
			`cafe.City,`
			`cafe.Description,`
			`cafe.LogoUrl,`
			`cafe.CoverImageUrl,`
			`cafe.SnappfoodVendorId,`
			`cafe.PlanTier.ToString(),`
			`cafe.PlanExpiresAt,`
			`CafeThemeMapping.FromJson(cafe.ThemeJson),`
			`cafe.DefaultTaxRate,`
			`cafe.AllowBranchTaxOverride);`
			`}`