feature(#20): this commit introduces a new POST action that allows you to associate an audience with a client via the /{id}/audiences route. It includes permission-based authorization and returns appropriate status codes for success, a non-existent client, or an audience that is already associated.

Author: https-richardy

Applications/Backend/Source/HttpsRichardy.Federation.WebApi/Controllers/ClientsController.cs

@@ -141,4 +141,24 @@ public async Task<IActionResult> RevokePermissionAsync([FromRoute] string id, [F
                 StatusCode(StatusCodes.Status409Conflict, result.Error)
         };
     }
+
+    [HttpPost("{id}/audiences")]
+    [Stability(Stability.Stable)]
+    [Authorize(Roles = Permissions.EditClient)]
+    public async Task<IActionResult> AssignAudienceAsync([FromRoute] string id, [FromBody] AssignClientAudienceScheme request, CancellationToken cancellation)
+    {
+        var result = await dispatcher.DispatchAsync(request with { Id = id }, cancellation);
+
+        return result switch
+        {
+            { IsSuccess: true } when result.Data is not null =>
+                StatusCode(StatusCodes.Status200OK, result.Data),
+
+            { IsFailure: true } when result.Error == ClientErrors.ClientDoesNotExist =>
+                StatusCode(StatusCodes.Status404NotFound, result.Error),
+
+            { IsFailure: true } when result.Error == ClientErrors.ClientAlreadyHasAudience =>
+                StatusCode(StatusCodes.Status409Conflict, result.Error),
+        };
+    }
 }