Enhance subscription and membership management

- Enforced role-based access control in `ClubSettingsController`.
- Added `SubscriptionsController` for subscription management.
- Introduced commands/handlers for subscription lifecycle actions.
- Refactored `MembershipPlan` to use `DurationInMonths`.
- Added `WillNotRenew` to `Subscription` for soft cancellations.
- Added `IsRefundAllowed` to `ClubSettings` for refund policies.
- Improved token service with issuer claim and validation updates.
- Enhanced `Member` repository to include related entities.
- Added `PaginatedList<T>` for query pagination support.
- Updated database schema with new columns and relationships.
- Refactored and normalized subscription/insurance payment dates.
- Updated tests to reflect changes in subscription and membership.
- Removed unused code and improved exception handling.

Author: HamzaZeroual2

GymMgmt.Api/Controllers/ClubSettings/ClubSettingsController.cs

@@ -11,6 +11,7 @@ namespace GymMgmt.Api.Controllers.ClubSettings
 {
     [Route("api/[controller]")]
     [ApiController]
+    [Authorize(Roles = "Admin")]
     public class ClubSettingsController : ControllerBase
     {
         private readonly IMediator _mediator;
@@ -19,7 +20,7 @@ public ClubSettingsController(IMediator mediator)
             _mediator = mediator;
         }
 
-        [AllowAnonymous]
+        
         [HttpPost("AddClubSettings")]
         [ProducesResponseType(typeof(ApiResponse<ReadClubSettingsDto>), (int)HttpStatusCode.Created)]
         [ProducesResponseType(typeof(ApiResponse<object>), (int)HttpStatusCode.BadRequest)]
@@ -33,7 +34,6 @@ public async Task<ActionResult> CreateClubSettings([FromBody]  CreateClubSetting
         }
 
         [HttpGet("GetClubSetting")]
-        [AllowAnonymous]
         [ProducesResponseType(StatusCodes.Status200OK)]
         [ProducesResponseType(StatusCodes.Status401Unauthorized)]
         [ProducesResponseType(typeof(ApiResponse<ReadClubSettingsDto>), (int)HttpStatusCode.OK)]
@@ -45,7 +45,6 @@ public async Task<ActionResult> GetClubSetting()
 
             return Ok(ApiResponse<ReadClubSettingsDto>.Success(result));
         }
-        [AllowAnonymous]
         [HttpPut("UpdateClubSetting")]
         [ProducesResponseType(typeof(ApiResponse<ReadClubSettingsDto>), (int)HttpStatusCode.OK)]
         [ProducesResponseType(typeof(ApiResponse<object>), (int)HttpStatusCode.NotFound)]

GymMgmt.Api/Controllers/Members/MembersController.cs

@@ -3,6 +3,8 @@
 using GymMgmt.Application.Features.Members.GetAllMembers;
 using GymMgmt.Application.Features.Members.GetMemberById;
 using GymMgmt.Application.Features.Members.PayInsurrance;
+using GymMgmt.Application.Features.Members.UpdateMember;
+using GymMgmt.Application.Features.Memberships.UpdateMembershipPlan;
 using MediatR;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
@@ -57,6 +59,20 @@ public async Task<ActionResult> GetAllMembers()
             return Ok(ApiResponse<IEnumerable<ReadMemberDto>>.Success(result));
         }
 
+        [AllowAnonymous]
+        [HttpPut("{id:Guid}")]
+        [ProducesResponseType(typeof(ApiResponse<ReadMemberDto>), (int)HttpStatusCode.OK)]
+        [ProducesResponseType(typeof(ApiResponse<object>), (int)HttpStatusCode.BadRequest)]
+        public async Task<ActionResult> UpdateMember(Guid id,UpdateMemberCommand updateMemberCommand)
+        {
+            if (updateMemberCommand.MemberId != id)
+            {
+                return BadRequest(ApiResponse<object>.Fail("Route ID and body ID mismatch"));
+            }
+            var result = await _mediator.Send(updateMemberCommand);
+            return Ok(ApiResponse<ReadMemberDto>.Success(result));
+        }
+
         [AllowAnonymous]
         [HttpPost("PayInsurance")]
         [ProducesResponseType(StatusCodes.Status401Unauthorized)]

GymMgmt.Api/Controllers/Subscriptions/SubscriptionsController.cs

@@ -0,0 +1,53 @@
+using GymMgmt.Api.Middlewares.Responses;
+using GymMgmt.Application.Features.Subscriptions.CancelSubscription;
+using GymMgmt.Application.Features.Subscriptions.ExtendSubscription;
+using GymMgmt.Application.Features.Subscriptions.StartSubscription;
+using MediatR;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using System.Net;
+
+namespace GymMgmt.Api.Controllers.Subscriptions
+{
+    [Route("api/[controller]")]
+    [ApiController]
+    public class SubscriptionsController : ControllerBase
+    {
+        private readonly IMediator _mediator;
+
+        public SubscriptionsController(IMediator mediator)
+        {
+            _mediator = mediator;
+        }
+
+        [AllowAnonymous] // TODO: Secure this endpoint
+        [HttpPost("Start")]
+        [ProducesResponseType(typeof(ApiResponse<Guid>), (int)HttpStatusCode.OK)]
+        [ProducesResponseType(typeof(ApiResponse<object>), (int)HttpStatusCode.BadRequest)]
+        public async Task<ActionResult> StartSubscription([FromBody] StartSubscriptionCommand command)
+        {
+            var result = await _mediator.Send(command);
+            return Ok(ApiResponse<Guid>.Success(result, "Subscription started successfully"));
+        }
+
+        [AllowAnonymous] // TODO: Secure this endpoint
+        [HttpPost("Extend")]
+        [ProducesResponseType(typeof(ApiResponse<bool>), (int)HttpStatusCode.OK)]
+        [ProducesResponseType(typeof(ApiResponse<object>), (int)HttpStatusCode.BadRequest)]
+        public async Task<ActionResult> ExtendSubscription([FromBody] ExtendSubscriptionCommand command)
+        {
+            var result = await _mediator.Send(command);
+            return Ok(ApiResponse<bool>.Success(result, "Subscription extended successfully"));
+        }
+
+        [AllowAnonymous] // TODO: Secure this endpoint
+        [HttpPost("Cancel")]
+        [ProducesResponseType(typeof(ApiResponse<bool>), (int)HttpStatusCode.OK)]
+        [ProducesResponseType(typeof(ApiResponse<object>), (int)HttpStatusCode.BadRequest)]
+        public async Task<ActionResult> CancelSubscription([FromBody] CancelSubscriptionCommand command)
+        {
+            var result = await _mediator.Send(command);
+            return Ok(ApiResponse<bool>.Success(result, "Subscription cancelled successfully"));
+        }
+    }
+}

GymMgmt.Api/Program.cs

@@ -111,16 +111,16 @@ public static async Task Main(string[] args)
             }
             app.UseRouting();
             app.UseCors(DefaultCorsPolicyName);
+            
 
+            app.UseExceptionsHandlingMiddleware();
             app.UseHttpsRedirection();
 
             app.UseAuthentication();
             app.UseAuthorization();
 
 
 
-            app.UseExceptionsHandlingMiddleware();
-
             using (var scope = app.Services.CreateScope())
             {
                 var roleInitializer = scope.ServiceProvider.GetRequiredService<IRoleInitializer>();

GymMgmt.Application/Common/Models/PaginatedList.cs

@@ -0,0 +1,19 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace GymMgmt.Application.Common.Models
+{
+    public sealed record PaginatedList<T>
+    {
+        public List<T> Items { get; init; } = new();
+        public int PageNumber { get; init; }
+        public int PageSize { get; init; }
+        public int TotalCount { get; init; }
+        public int TotalPages => (int)Math.Ceiling(TotalCount / (double)PageSize);
+        public bool HasPreviousPage => PageNumber > 1;
+        public bool HasNextPage => PageNumber < TotalPages;
+    }
+}

GymMgmt.Application/Features/ClubSetup/UpdateClubSettings/UpdateClubSettingsCommand.cs

@@ -6,7 +6,7 @@
 namespace GymMgmt.Application.Features.ClubSetup.UpdateClubSettings
 {
     public sealed record UpdateClubSettingsCommand(
-        ClubSettingsId ClubSettingsId,
+        Guid ClubSettingsId,
         decimal InsurranceFeeAmount,
         bool AreNewMembersAllowed,
         bool IsInsuranceFeeRequired,

GymMgmt.Application/Features/ClubSetup/UpdateClubSettings/UpdateClubSettingsCommandHandler.cs

@@ -25,7 +25,7 @@ public UpdateClubSettingsCommandHandler(IClubSettingsRepository clubSettingsRepo
         }
         public async Task<ReadClubSettingsDto> Handle(UpdateClubSettingsCommand request, CancellationToken cancellationToken)
         {
-            var existingSettings = await _clubSettingsRepository.FindByIdAsync(request.ClubSettingsId, cancellationToken);
+            var existingSettings = await _clubSettingsRepository.FindByIdAsync(ClubSettingsId.FromValue(request.ClubSettingsId), cancellationToken);
 
             if (existingSettings == null) {
                 throw new NotFoundException();

GymMgmt.Application/Features/ClubSetup/UpdateClubSettings/UpdateClubSettingsValidator.cs

@@ -32,9 +32,9 @@ public UpdateClubSettingsValidator(IClubSettingsRepository repository) {
                 .WithMessage("Subscription Grace Period must be positive");
 
         }
-        private async Task<bool> ExistAsync(ClubSettingsId clubSettingsId, CancellationToken cancellationToken)
+        private async Task<bool> ExistAsync(Guid clubSettingsId, CancellationToken cancellationToken)
         {
-            var exists = await _repository.FindByIdAsync( clubSettingsId,cancellationToken);
+            var exists = await _repository.FindByIdAsync(ClubSettingsId.FromValue(clubSettingsId),cancellationToken);
             return exists !=null ;
         }
     }

GymMgmt.Application/Features/Members/UpdateMember/UpdateMemberCommand.cs

@@ -6,7 +6,7 @@
 namespace GymMgmt.Application.Features.Members.UpdateMember
 {
     public sealed record UpdateMemberCommand(
-        Guid memberId,
+        Guid MemberId,
         string FirstName,
         string LastName,
         string? Email,

GymMgmt.Application/Features/Members/UpdateMember/UpdateMemberCommandHandler.cs

@@ -1,6 +1,7 @@
 using AutoMapper;
 using GymMgmt.Application.Common.Exceptions;
 using GymMgmt.Application.Features.Members.GetMemberById;
+using GymMgmt.Domain.Common.ValueObjects;
 using GymMgmt.Domain.Entities.Members;
 using MediatR;
 using System;
@@ -24,15 +25,15 @@ public UpdateMemberCommandHandler(IMemberRepository memberRepository, IMapper ma
         }
         public async Task<ReadMemberDto> Handle(UpdateMemberCommand request, CancellationToken cancellationToken)
         {
-            var memberid = MemberId.FromValue(request.memberId);
+            var memberid = MemberId.FromValue(request.MemberId);
 
             var member = await _memberRepository.FindByIdAsync(memberid, cancellationToken)
                     ?? throw new NotFoundException(nameof(Member), memberid);
 
             member.UpdateName(request.FirstName, request.LastName);
             member.UpdatePhoneNumber(request.PhoneNumber);
-            member.UpdateAddress(member.Address);
-            member.UpdateEmail(member.Email);
+            member.UpdateAddress(_mapper.Map<Address>(request.AddressDto));
+            member.UpdateEmail(request.Email);
 
             return _mapper.Map<ReadMemberDto>(member);
         }