Merge pull request 'CUB-30: Implement PUT /filaments/{id} update endpoint' (#4) from agent/dex/CUB-30-put-filament-endpoint into dev

Reviewed-on: #4
Reviewed-by: Joshua <joshua@cnjmail.com>

backend/API/Filters/FluentValidationFilter.cs

@@ -0,0 +1,69 @@
+using FluentValidation;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.Filters;
+
+namespace Extrudex.API.Filters;
+
+/// <summary>
+/// Action filter that automatically validates request DTOs using FluentValidation
+/// validators registered in DI. Runs before the controller action executes.
+/// Returns 400 Bad Request with validation errors if validation fails.
+/// </summary>
+public class FluentValidationFilter : IAsyncActionFilter
+{
+    private readonly IServiceProvider _serviceProvider;
+    private readonly ILogger<FluentValidationFilter> _logger;
+
+    public FluentValidationFilter(IServiceProvider serviceProvider, ILogger<FluentValidationFilter> logger)
+    {
+        _serviceProvider = serviceProvider;
+        _logger = logger;
+    }
+
+    public async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
+    {
+        foreach (var argument in context.ActionArguments.Values)
+        {
+            if (argument is null) continue;
+
+            var argumentType = argument.GetType();
+            var validatorType = typeof(IValidator<>).MakeGenericType(argumentType);
+
+            // Try to resolve a validator for this argument type
+            var validator = _serviceProvider.GetService(validatorType) as IValidator;
+            if (validator is null) continue;
+
+            _logger.LogDebug("Validating {Type} with {Validator}", argumentType.Name, validator.GetType().Name);
+
+            var validationResult = await validator.ValidateAsync(
+                new ValidationContext<object>(argument), context.HttpContext.RequestAborted);
+
+            if (!validationResult.IsValid)
+            {
+                foreach (var error in validationResult.Errors)
+                {
+                    context.ModelState.AddModelError(error.PropertyName, error.ErrorMessage);
+                }
+            }
+        }
+
+        if (!context.ModelState.IsValid)
+        {
+            var errors = context.ModelState
+                .Where(kvp => kvp.Value?.Errors.Count > 0)
+                .ToDictionary(
+                    kvp => kvp.Key,
+                    kvp => kvp.Value!.Errors.Select(e => e.ErrorMessage).ToArray());
+
+            context.Result = new BadRequestObjectResult(new
+            {
+                title = "Validation failed",
+                status = 400,
+                errors
+            });
+            return;
+        }
+
+        await next();
+    }
+}

backend/API/Validators/FilamentValidators.cs

@@ -0,0 +1,108 @@
+using Extrudex.API.DTOs.Filaments;
+using FluentValidation;
+
+namespace Extrudex.API.Validators;
+
+/// <summary>
+/// Validation rules for creating a Filament (Spool) via the /filaments route.
+/// Mirrors the domain rules enforced in the controller and ensures consistent
+/// validation regardless of the request pipeline entry point.
+/// </summary>
+public class CreateFilamentRequestValidator : AbstractValidator<CreateFilamentRequest>
+{
+    public CreateFilamentRequestValidator()
+    {
+        RuleFor(x => x.MaterialBaseId)
+            .NotEmpty().WithMessage("MaterialBaseId is required.");
+
+        RuleFor(x => x.MaterialFinishId)
+            .NotEmpty().WithMessage("MaterialFinishId is required.");
+
+        RuleFor(x => x.Brand)
+            .NotEmpty().WithMessage("Brand is required.")
+            .MaximumLength(200).WithMessage("Brand must not exceed 200 characters.");
+
+        RuleFor(x => x.ColorName)
+            .NotEmpty().WithMessage("ColorName is required.")
+            .MaximumLength(200).WithMessage("ColorName must not exceed 200 characters.");
+
+        RuleFor(x => x.ColorHex)
+            .NotEmpty().WithMessage("ColorHex is required.")
+            .Matches(@"^#[0-9A-Fa-f]{6}$").WithMessage("ColorHex must be a valid hex color code (e.g., #FF0000).");
+
+        RuleFor(x => x.WeightTotalGrams)
+            .GreaterThan(0).WithMessage("Total weight must be greater than zero.");
+
+        RuleFor(x => x.WeightRemainingGrams)
+            .GreaterThanOrEqualTo(0).WithMessage("Remaining weight must be non-negative.");
+
+        RuleFor(x => x.WeightRemainingGrams)
+            .LessThanOrEqualTo(x => x.WeightTotalGrams)
+            .WithMessage("WeightRemainingGrams cannot exceed WeightTotalGrams.");
+
+        RuleFor(x => x.FilamentDiameterMm)
+            .GreaterThan(0).WithMessage("Filament diameter must be greater than zero.");
+
+        RuleFor(x => x.SpoolSerial)
+            .NotEmpty().WithMessage("SpoolSerial is required.")
+            .MaximumLength(200).WithMessage("SpoolSerial must not exceed 200 characters.");
+
+        When(x => x.PurchasePrice.HasValue, () =>
+        {
+            RuleFor(x => x.PurchasePrice!.Value)
+                .GreaterThanOrEqualTo(0).WithMessage("Purchase price must be non-negative.");
+        });
+    }
+}
+
+/// <summary>
+/// Validation rules for updating a Filament (Spool) via the /filaments route.
+/// Enforces the same domain rules as creation, plus ensures the updated
+/// WeightRemainingGrams does not exceed the updated WeightTotalGrams.
+/// </summary>
+public class UpdateFilamentRequestValidator : AbstractValidator<UpdateFilamentRequest>
+{
+    public UpdateFilamentRequestValidator()
+    {
+        RuleFor(x => x.MaterialBaseId)
+            .NotEmpty().WithMessage("MaterialBaseId is required.");
+
+        RuleFor(x => x.MaterialFinishId)
+            .NotEmpty().WithMessage("MaterialFinishId is required.");
+
+        RuleFor(x => x.Brand)
+            .NotEmpty().WithMessage("Brand is required.")
+            .MaximumLength(200).WithMessage("Brand must not exceed 200 characters.");
+
+        RuleFor(x => x.ColorName)
+            .NotEmpty().WithMessage("ColorName is required.")
+            .MaximumLength(200).WithMessage("ColorName must not exceed 200 characters.");
+
+        RuleFor(x => x.ColorHex)
+            .NotEmpty().WithMessage("ColorHex is required.")
+            .Matches(@"^#[0-9A-Fa-f]{6}$").WithMessage("ColorHex must be a valid hex color code (e.g., #FF0000).");
+
+        RuleFor(x => x.WeightTotalGrams)
+            .GreaterThan(0).WithMessage("Total weight must be greater than zero.");
+
+        RuleFor(x => x.WeightRemainingGrams)
+            .GreaterThanOrEqualTo(0).WithMessage("Remaining weight must be non-negative.");
+
+        RuleFor(x => x.WeightRemainingGrams)
+            .LessThanOrEqualTo(x => x.WeightTotalGrams)
+            .WithMessage("WeightRemainingGrams cannot exceed WeightTotalGrams.");
+
+        RuleFor(x => x.FilamentDiameterMm)
+            .GreaterThan(0).WithMessage("Filament diameter must be greater than zero.");
+
+        RuleFor(x => x.SpoolSerial)
+            .NotEmpty().WithMessage("SpoolSerial is required.")
+            .MaximumLength(200).WithMessage("SpoolSerial must not exceed 200 characters.");
+
+        When(x => x.PurchasePrice.HasValue, () =>
+        {
+            RuleFor(x => x.PurchasePrice!.Value)
+                .GreaterThanOrEqualTo(0).WithMessage("Purchase price must be non-negative.");
+        });
+    }
+}

backend/Program.cs

@@ -1,4 +1,5 @@
 using System.Reflection;
+using Extrudex.API.Filters;
 using Extrudex.API.Hubs;
 using Extrudex.Domain.Interfaces;
 using Extrudex.Infrastructure.Data;
@@ -23,7 +24,10 @@ builder.Services.AddDbContext<ExtrudexDbContext>(options =>
     options.UseNpgsql(connectionString));
 
 // ── API Services ───────────────────────────────────────────
-builder.Services.AddControllers();
+builder.Services.AddControllers(options =>
+{
+    options.Filters.AddService<FluentValidationFilter>();
+});
 builder.Services.AddEndpointsApiExplorer();
 builder.Services.AddSwaggerGen(c =>
 {
@@ -50,6 +54,10 @@ builder.Services.AddSingleton<IQrCodeService, QrCodeService>();
 // Registers all validators from the API assembly into DI.
 builder.Services.AddValidatorsFromAssembly(Assembly.GetExecutingAssembly());
 
+// Register the FluentValidation action filter so validators run automatically
+// on all API controller actions before the action executes.
+builder.Services.AddScoped<FluentValidationFilter>();
+
 // ── CORS (kiosk + remote browser) ─────────────────────────
 // AllowAnyOrigin disallows credentials by spec; this is fine for
 // REST API calls. SignalR WebSockets negotiate without credentials