POST /api/arena/model-vote

​

Authentication

sub | ClaimTypes.NameIdentifier → User UUID (optional, fallback if userId not in body)

​

Request Body

if (request == null || request.ComparisonId == Guid.Empty) {
    return BadRequest("ComparisonId is required");
}

if (string.IsNullOrWhiteSpace(request.VoteChoice)) {
    return BadRequest("VoteChoice is required (left, right, tie, both-bad)");
}

Guid? userId = request.UserId;
if (!userId.HasValue) {
    // Extract from JWT claims
    userId = parsedId from JWT;
}

curl -X POST 'http://localhost:5079/api/arena/model-vote' \
  -H 'Authorization: Bearer YOUR_JWT_TOKEN' \
  -H 'Content-Type: application/json' \
  -d '{
    "comparisonId": "c7d3a4b2-9e1f-4c5d-8b3a-7f6e9d2c1a0b",
    "voteChoice": "left"
  }'

{
  "success": true,
  "message": "Vote recorded successfully"
}

​

Side Effects

await _modelStatsService.RecordVoteByChoiceAsync(
    request.ComparisonId, 
    request.VoteChoice.ToLower(), 
    userId
);

1. model_votes table (INSERT):
   • comparison_id → request.ComparisonId
   • vote_choice → request.VoteChoice (lowercased)
   • user_id → userId (from body or JWT)
   • created_at → NOW()
2. Potential CASCADE UPDATES (service-level, not in controller):
   • ai_models table: Win/loss count updates not enforced by server contract
   • comparisons table: Winner field update not enforced by server contract

​

Authorization

• Any authenticated user can vote on any comparison
• No verification that user created the comparison

• Multiple votes on same comparison allowed
• Deduplication logic (if any) in service layer

​

Permissions

• Any authenticated user
• User who created comparison
• Users who didn’t create comparison

• Unauthenticated users

​

Edge Cases

1. Empty GUID comparison_id: 400 error (Lines 26-34)
2. Null voteChoice: 400 error (Lines 36-44)
3. Empty voteChoice: 400 error (Lines 36-44)
4. Whitespace-only voteChoice: 400 error (Lines 36-44)
5. Invalid voteChoice (not in enum): Behavior not enforced by server contract (service validation assumed)
6. Comparison doesn’t exist: Service exception → 500 error
7. Multiple votes on same comparison: Allowed (no uniqueness check in controller)
8. Vote on own comparison: Allowed
9. userId in body but different from JWT: Body value used (Lines 48-49)
10. No userId in body, no JWT claim: userId = null, passed to service

​

Error Conditions

catch (Exception ex) {
    return StatusCode(500, new { error = ex.Message, code = "VOTE_ERROR" });
}

• All service exceptions return 500
• Exception message exposed to client

• “Comparison not found”
• “Invalid vote choice”
• “Database constraint violation”

​

Vote Choice Semantics

​

"left" (Lines 59-63)

• Votes for model in agent1 position
• Win count increment behavior not enforced by server contract

​

"right"

• Votes for model in agent2 position
• Win count increment behavior not enforced by server contract

​

"tie"

• Both models equally good
• Tie count increment behavior not enforced by server contract

​

"both-bad"

• Both models equally bad
• Loss count increment behavior not enforced by server contract

​

Behavioral Guarantees

• Each call creates new vote record
• No deduplication

• Can vote on old comparisons
• No time limit enforced

​

Comparison Validation

• Assumed to be in service layer
• If comparison doesn’t exist, service throws exception → 500

• Any user can vote on any comparison

​

Vote Storage

RecordVoteByChoiceAsync(comparisonId, voteChoice, userId)

• Lookup comparison by comparisonId
• Resolve voteChoice (“left”/“right”) to actual model name
• Store vote with model reference

• Validate comparison exists
• Resolve model names
• Check duplicate votes

​

Authentication Fallback

1. request.UserId (if provided and valid GUID)
2. JWT sub claim
3. JWT ClaimTypes.NameIdentifier claim
4. null (if none available)

​

Validation Order

1. Request body null check
2. ComparisonId validation (400 if invalid)
3. VoteChoice validation (400 if invalid)
4. UserId extraction (body or JWT)
5. Service call (500 if fails)