server/core/lib/Controllers/UserProfileController.php

<?php

namespace KTXC\Controllers;

use KTXC\Http\Response\JsonResponse;
use KTXC\Service\UserAccountsService;
use KTXC\SessionIdentity;
use KTXC\SessionTenant;
use KTXF\Controller\ControllerAbstract;
use KTXF\Routing\Attributes\AuthenticatedRoute;

class UserProfileController extends ControllerAbstract
{
    public function __construct(
        private readonly SessionTenant $tenantIdentity,
        private readonly SessionIdentity $userIdentity,
        private readonly UserAccountsService $userService
    ) {}

    /** 
     * Retrieve user profile
     * 
     * @return JsonResponse Profile data with editability metadata
     */
    #[AuthenticatedRoute(
        '/user/profile', 
        name: 'user.profile.read', 
        methods: ['GET'],
        permissions: ['user.profile.read']
    )]
    public function read(): JsonResponse
    {
        $userId = $this->userIdentity->identifier();

        // Get profile with editability metadata
        $profile = $this->userService->getEditableFields($userId);

        return new JsonResponse($profile, JsonResponse::HTTP_OK);
    }

    /** 
     * Update user profile fields
     * Only editable fields can be updated. Provider-managed fields are automatically filtered out.
     * 
     * @param array $data Key-value pairs of profile fields to update
     * 
     * @example request body:
     * {
     *   "data": {
     *     "name_given": "John",
     *     "name_family": "Doe",
     *     "phone": "+1234567890"
     *   }
     * }
     * 
     * @return JsonResponse Updated profile data
     */
    #[AuthenticatedRoute(
        '/user/profile', 
        name: 'user.profile.update', 
        methods: ['PUT', 'PATCH'],
        permissions: ['user.profile.update']
    )]
    public function update(array $data): JsonResponse
    {
        $userId = $this->userIdentity->identifier();

        // storeProfile automatically filters out provider-managed fields
        $this->userService->storeProfile($userId, $data);

        // Return updated profile with metadata
        $updatedProfile = $this->userService->getEditableFields($userId);

        return new JsonResponse($updatedProfile, JsonResponse::HTTP_OK);
    }
}