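package catering.users;

import jakarta.validation.Valid;

import org.salespointframework.useraccount.Role;
import org.salespointframework.useraccount.UserAccount;
import org.salespointframework.useraccount.web.LoggedIn;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.validation.Errors;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestParam;

/**
 * Web endpoints for registration, login, self-service profile editing and the
 * admin-only customer management views.
 *
 * <p>Authorization is enforced per handler with {@link PreAuthorize}. The admin
 * handlers that take a user id from the path additionally check that the target
 * actually exists and is a customer, because the id is client-controlled: the
 * {@code /customers} list only shows customers, but nothing else stopped the
 * remove/edit endpoints from being pointed at an admin account.
 */
@Controller
public class UserController {

    /** Role of self-registered customers; the only accounts the admin views manage. */
    private static final Role CUSTOMER_ROLE = Role.of("CUSTOMER");

    private final UserManagement userManagement;

    UserController(UserManagement userManagement) {
        this.userManagement = userManagement;
    }

    /** Landing page shown after an access-denied decision. */
    @GetMapping("/unauthorized")
    String unauthorized() {
        return "unauthorized";
    }

    /** Renders the registration form. */
    @GetMapping("/register")
    String register() {
        return "register";
    }

    /**
     * Creates a customer from the submitted form and sends the browser to the login page.
     *
     * @param form   bean-validated registration data
     * @param result validation outcome; any error re-renders the form instead of creating a user
     */
    @PostMapping("/register")
    String register(@Valid RegistrationForm form, Errors result) {
        if (result.hasErrors()) {
            return "register";
        }
        userManagement.createCustomer(form.getUsername(), form.getAddress(), form.getPassword());
        return "redirect:/login";
    }

    /** Renders the login page; authentication itself is handled by Spring Security. */
    @GetMapping("/login")
    public String loginPage() {
        return "login";
    }

    /**
     * Shows the profile of the currently logged-in user.
     *
     * @param model       view model; receives the {@code user} attribute
     * @param userAccount the authenticated account, or {@code null} if none is bound
     */
    @GetMapping("/profile")
    @PreAuthorize("isAuthenticated()")
    public String viewProfile(Model model, @LoggedIn UserAccount userAccount) {
        if (userAccount == null) {
            return "redirect:/";
        }
        model.addAttribute("user", requireUser(userAccount));
        return "profile";
    }

    /**
     * Applies the non-blank fields of the profile form to the logged-in user.
     * Blank fields are left untouched so the form can submit only what changed.
     *
     * @param userAccount the authenticated account whose profile is edited
     * @param password    new password, or blank to keep the current one
     * @param address     new address, or blank to keep the current one
     * @param username    new username, or blank to keep the current one
     */
    @PostMapping("/profile")
    @PreAuthorize("isAuthenticated()")
    public String editProfile(@LoggedIn UserAccount userAccount,
                              @RequestParam String password,
                              @RequestParam String address,
                              @RequestParam String username) {
        User user = requireUser(userAccount);
        if (!username.isBlank()) {
            // NOTE(review): nothing here checks that the new username is unique or that it
            // stays in sync with the UserAccount's login name — confirm that User.setUsername
            // or UserManagement.save enforces this; otherwise a collision is possible.
            user.setUsername(username);
        }
        if (!address.isBlank()) {
            user.setAddress(address);
        }
        if (!password.isBlank()) {
            userManagement.setPassword(password, user.getUserAccount());
        }
        userManagement.save(user);
        return "redirect:/profile";
    }

    /**
     * Lets a customer disable their own account and logs them out.
     *
     * <p>NOTE(review): this is a state-changing action on a GET, which Spring Security's
     * CSRF protection does not cover; a link or image tag on a third-party page can trigger
     * it for a logged-in customer. Prefer a POST form (kept as GET here to avoid breaking
     * existing templates).
     */
    @GetMapping("/profile/disable")
    @PreAuthorize("hasRole('CUSTOMER')")
    public String disableUser(@LoggedIn UserAccount userAccount) {
        userManagement.disableUserAccount(userAccount);
        return "redirect:/logout";
    }

    /**
     * Admin overview of all customer accounts (non-customer users are filtered out).
     *
     * @param model view model; receives {@code title} and the {@code customers} list
     */
    @GetMapping("/customers")
    @PreAuthorize("hasRole('ADMIN')")
    public String getCustomer(Model model) {
        model.addAttribute("title", "Kundenverwaltung");
        model.addAttribute("customers",
                userManagement.getUsers().findAll().stream()
                        .filter(this::isCustomer)
                        .toList());
        return "customers";
    }

    /**
     * Disables the customer account identified by the path id.
     *
     * <p>The id is untrusted input resolved to a {@link User} by the framework (an unknown
     * id arrives as {@code null}). Only customers may be disabled here, so an admin cannot
     * lock out another admin (or themselves) by editing the URL.
     *
     * <p>NOTE(review): state change on a GET, outside CSRF protection — see
     * {@link #disableUser(UserAccount)}.
     *
     * @param user  resolved target, or {@code null} if the id does not exist
     * @param model unused, kept for signature compatibility
     */
    @GetMapping("/customers/remove/{id}")
    @PreAuthorize("hasRole('ADMIN')")
    public String removeCustomer(@PathVariable("id") User user, Model model) {
        if (!isCustomer(user)) {
            return "redirect:/customers";
        }
        userManagement.disableUserAccount(user.getUserAccount());
        return "redirect:/customers";
    }

    /**
     * Renders the admin edit form for a customer.
     *
     * @param user  resolved target, or {@code null} if the id does not exist
     * @param model view model; receives the {@code customer} attribute
     */
    @GetMapping("/customers/edit/{id}")
    @PreAuthorize("hasRole('ADMIN')")
    public String editCustomer(@PathVariable("id") User user, Model model) {
        if (!isCustomer(user)) {
            return "redirect:/customers";
        }
        model.addAttribute("customer", user);
        return "edit-customer";
    }

    /**
     * Stores the admin-edited username and address of a customer.
     *
     * <p>Unlike the self-service form, blank values are written as-is (original behavior).
     * NOTE(review): username uniqueness is not checked here either — confirm it is enforced
     * further down.
     *
     * @param user     resolved target, or {@code null} if the id does not exist
     * @param username new username
     * @param address  new address
     * @param model    unused, kept for signature compatibility
     */
    @PostMapping("/customers/edit/{id}")
    @PreAuthorize("hasRole('ADMIN')")
    public String updateCustomer(@PathVariable("id") User user,
                                 @RequestParam String username,
                                 @RequestParam String address,
                                 Model model) {
        if (!isCustomer(user)) {
            return "redirect:/customers";
        }
        user.setUsername(username);
        user.setAddress(address);
        userManagement.save(user);
        return "redirect:/customers";
    }

    /** True if {@code user} exists and carries the CUSTOMER role. */
    private boolean isCustomer(User user) {
        return user != null && user.getUserAccount().hasRole(CUSTOMER_ROLE);
    }

    /**
     * Resolves the {@link User} behind an authenticated account. A missing record for an
     * account that passed authentication is an invariant violation, not a user error, so
     * it fails loudly instead of with an unchecked {@code Optional.get()}.
     */
    private User requireUser(UserAccount userAccount) {
        return userManagement.getUserByAccount(userAccount)
                .orElseThrow(() -> new IllegalStateException("authenticated account has no User record"));
    }
}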