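using AutoMapper;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http.HttpResults;
using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;
using OnlyPrompt.Backend.Database;
using OnlyPrompt.Backend.Database.Models;

namespace OnlyPrompt.Backend.Controllers
{
    /// <summary>
    /// Administrative user-management endpoints: lock-out toggling and role assignment.
    /// Every action requires the caller to hold <see cref="ModelConstants.AdminRole"/>.
    /// Two further checks keep a plain admin inside their own privilege level:
    /// the target filter in <see cref="GetNonAdminUserAsync"/> (an admin may only act on
    /// non-admin accounts, a sysadmin on anyone except other sysadmins), and the role
    /// filter in <see cref="CallerMayManageRole"/> (only a sysadmin may grant or revoke
    /// <see cref="ModelConstants.AdminRole"/> or <see cref="ModelConstants.SysAdminRole"/>).
    /// Without the second check an admin could mint a sysadmin by assigning the role to a
    /// regular account they control.
    /// </summary>
    /// <remarks>
    /// NOTE(review): the generic arguments of the action return types and of
    /// <see cref="GetNonAdminUserAsync"/> were lost in the rendered source; they are
    /// reconstructed here from the <c>TypedResults</c> calls (<c>Results&lt;Ok, NotFound&lt;string&gt;&gt;</c>)
    /// and from <c>_db.Users</c> (<c>User?</c>) — confirm against the repository.
    /// TODO(review): none of these actions record who changed what; an audit log entry
    /// (caller id, target id, action, role) would normally be expected on admin endpoints.
    /// </remarks>
    [ApiController]
    [Route("api/v1/admin")]
    [Authorize(Roles = ModelConstants.AdminRole)]
    public class AdminController : BaseController
    {
        public AdminController(OnlyPromptContext db, IMapper mapper) : base(db, mapper)
        {
        }

        /// <summary>
        /// Looks up a user the caller is allowed to manage, or <c>null</c> if no such user
        /// is visible to the caller. Protected targets are deliberately indistinguishable
        /// from missing ones (callers turn <c>null</c> into 404) so the endpoints do not
        /// reveal which accounts are admins.
        /// </summary>
        /// <param name="id">Id of the target user.</param>
        /// <param name="isSysAdmin">
        /// <c>true</c> when the caller holds <see cref="ModelConstants.SysAdminRole"/>;
        /// then admin accounts are in scope. Sysadmin accounts are never in scope, which also
        /// stops a sysadmin from locking themselves out or demoting themselves.
        /// </param>
        private Task<User?> GetNonAdminUserAsync(Guid id, bool isSysAdmin = false)
        {
            return _db.Users.FirstOrDefaultAsync(
                u => u.Id == id
                     && (isSysAdmin || u.Roles.Contains(ModelConstants.AdminRole) == false)
                     && u.Roles.Contains(ModelConstants.SysAdminRole) == false
            );
        }

        /// <summary>
        /// Whether the calling principal may grant or revoke <paramref name="role"/>.
        /// Admin-level roles are reserved for sysadmin callers; every other role in
        /// <see cref="ModelConstants.AllRoles"/> may be managed by any admin.
        /// </summary>
        private bool CallerMayManageRole(string role)
        {
            if (User.IsInRole(ModelConstants.SysAdminRole))
                return true;

            // string == is ordinal, matching the exact-name lookup in AllRoles.
            return role != ModelConstants.AdminRole && role != ModelConstants.SysAdminRole;
        }

        /// <summary>
        /// Locks the target account (<c>IsLockoutEnabled = true</c>).
        /// Returns 404 when the user does not exist or is outside the caller's scope.
        /// </summary>
        [HttpPost("users/{userId}/disable")]
        public async Task<Results<Ok, NotFound<string>>> DisableUserAsync(Guid userId)
        {
            var user = await GetNonAdminUserAsync(userId, User.IsInRole(ModelConstants.SysAdminRole));
            if (user is null)
                return TypedResults.NotFound("User not found.");

            user.IsLockoutEnabled = true;
            await _db.SaveChangesAsync();
            return TypedResults.Ok();
        }

        /// <summary>
        /// Unlocks the target account (<c>IsLockoutEnabled = false</c>).
        /// Returns 404 when the user does not exist or is outside the caller's scope.
        /// </summary>
        [HttpPost("users/{userId}/enable")]
        public async Task<Results<Ok, NotFound<string>>> EnableUserAsync(Guid userId)
        {
            var user = await GetNonAdminUserAsync(userId, User.IsInRole(ModelConstants.SysAdminRole));
            if (user is null)
                return TypedResults.NotFound("User not found.");

            user.IsLockoutEnabled = false;
            await _db.SaveChangesAsync();
            return TypedResults.Ok();
        }

        /// <summary>
        /// Grants <paramref name="role"/> to the target user. Idempotent: a role the user
        /// already holds is not added a second time.
        /// </summary>
        /// <returns>
        /// 404 for an unknown role or an out-of-scope/missing user; 403 when the caller is
        /// not allowed to hand out that role (see <see cref="CallerMayManageRole"/>); 200 otherwise.
        /// </returns>
        [HttpPut("users/{userId}/roles/{role}")]
        public async Task<Results<Ok, NotFound<string>, ForbidHttpResult>> UpdateUserRolesAsync(Guid userId, string role)
        {
            if (ModelConstants.AllRoles.Contains(role) == false)
                return TypedResults.NotFound($"No such role '{role}'");

            // Checked before the user lookup so the response never depends on the target.
            if (!CallerMayManageRole(role))
                return TypedResults.Forbid();

            var user = await GetNonAdminUserAsync(userId, User.IsInRole(ModelConstants.SysAdminRole));
            if (user is null)
                return TypedResults.NotFound("User not found.");

            // Avoid duplicate entries in the role collection on repeated PUTs.
            if (!user.Roles.Contains(role))
            {
                user.Roles.Add(role);
                await _db.SaveChangesAsync();
            }

            return TypedResults.Ok();
        }

        /// <summary>
        /// Revokes <paramref name="role"/> from the target user. Removing a role the user
        /// does not hold is a no-op that still returns 200.
        /// </summary>
        /// <returns>
        /// 404 for an unknown role or an out-of-scope/missing user; 403 when the caller is
        /// not allowed to manage that role (see <see cref="CallerMayManageRole"/>); 200 otherwise.
        /// </returns>
        [HttpDelete("users/{userId}/roles/{role}")]
        public async Task<Results<Ok, NotFound<string>, ForbidHttpResult>> RemoveUserRoleAsync(Guid userId, string role)
        {
            if (ModelConstants.AllRoles.Contains(role) == false)
                return TypedResults.NotFound($"No such role '{role}'");

            // Same policy as granting: admin-level roles are only revocable by a sysadmin.
            if (!CallerMayManageRole(role))
                return TypedResults.Forbid();

            var user = await GetNonAdminUserAsync(userId, User.IsInRole(ModelConstants.SysAdminRole));
            if (user is null)
                return TypedResults.NotFound("User not found.");

            user.Roles.Remove(role);
            await _db.SaveChangesAsync();
            return TypedResults.Ok();
        }
    }
}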