using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using Manager.Services;
using ManagerService.Data;
using ManagerService.DTOs;
using ManagerService.Helpers;
using ManagerService.Service;
using ManagerService.Services;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Logging;
using NSwag.Annotations;

namespace ManagerService.Controllers
{
    [Authorize(Policy = ManagerService.Service.Security.Policies.InstanceAdmin)]
    [ApiController, Route("api/[controller]")]
    [OpenApiTag("User", Description = "User management")]
    public class UserController : ControllerBase
    {
        private UserDatabaseService _userService;
        private readonly ILogger<UserController> _logger;
        private readonly ProfileLogic _profileLogic;
        private readonly MyInfoMateDbContext _myInfoMateDbContext;
        IHexIdGeneratorService idService = new HexIdGeneratorService();

        public UserController(ILogger<UserController> logger, UserDatabaseService userService, ProfileLogic profileLogic, MyInfoMateDbContext myInfoMateDbContext)
        {
            _logger = logger;
            _userService = userService;
            _profileLogic = profileLogic;
            _myInfoMateDbContext = myInfoMateDbContext;
        }

        private string? GetCallerInstanceId() =>
            User.FindFirst(ManagerService.Service.Security.ClaimTypes.InstanceId)?.Value;

        private bool IsSuperAdmin() =>
            User.HasClaim(ManagerService.Service.Security.ClaimTypes.Permission, ManagerService.Service.Security.Permissions.SuperAdmin);

        private UserRole GetCallerRole()
        {
            if (User.HasClaim(ManagerService.Service.Security.ClaimTypes.Permission, ManagerService.Service.Security.Permissions.SuperAdmin))    return UserRole.SuperAdmin;
            if (User.HasClaim(ManagerService.Service.Security.ClaimTypes.Permission, ManagerService.Service.Security.Permissions.InstanceAdmin)) return UserRole.InstanceAdmin;
            if (User.HasClaim(ManagerService.Service.Security.ClaimTypes.Permission, ManagerService.Service.Security.Permissions.ContentEditor)) return UserRole.ContentEditor;
            return UserRole.Viewer;
        }

        /// <summary>
        /// Get a list of user
        /// </summary>
        [ProducesResponseType(typeof(List<UserDetailDTO>), 200)]
        [ProducesResponseType(typeof(string), 500)]
        [HttpGet]
        public ObjectResult Get()
        {
            try
            {
                var query = _myInfoMateDbContext.Users.AsQueryable();

                if (!IsSuperAdmin())
                    query = query.Where(u => u.InstanceId == GetCallerInstanceId());

                return new OkObjectResult(query.ToList().Select(u => u.ToDTO()));
            }
            catch (Exception ex)
            {
                return new ObjectResult(ex.Message) { StatusCode = 500 };
            }
        }

        /// <summary>
        /// Get a specific user
        /// </summary>
        /// <param name="id">id user</param>
        [ProducesResponseType(typeof(UserDetailDTO), 200)]
        [ProducesResponseType(typeof(string), 404)]
        [ProducesResponseType(typeof(string), 500)]
        [HttpGet("{id}")]
        public ObjectResult GetDetail(string id)
        {
            try
            {
                User user = _myInfoMateDbContext.Users.FirstOrDefault(i => i.Id == id);

                if (user == null)
                    throw new KeyNotFoundException("This user was not found");

                return new OkObjectResult(user.ToDTO());
            }
            catch (KeyNotFoundException ex)
            {
                return new NotFoundObjectResult(ex.Message) {};
            }
            catch (Exception ex)
            {
                return new ObjectResult(ex.Message) { StatusCode = 500 };
            }
        }

        /// <summary>
        /// Create an user
        /// </summary>
        /// <param name="newUserDTO">New user info</param>
        [ProducesResponseType(typeof(UserDetailDTO), 200)]
        [ProducesResponseType(typeof(string), 400)]
        [ProducesResponseType(typeof(string), 409)]
        [ProducesResponseType(typeof(string), 500)]
        [HttpPost]
        public ObjectResult CreateUser([FromBody] UserDetailDTO newUserDTO)
        {
            try
            {
                if (newUserDTO == null)
                    throw new ArgumentNullException("User param is null");

                if (newUserDTO.instanceId == null)
                    throw new ArgumentNullException("InstanceId is null");

                if (newUserDTO.password == null)
                    throw new ArgumentNullException("Password is null");

                var requestedRole = newUserDTO.role ?? UserRole.ContentEditor;
                if (requestedRole < GetCallerRole())
                    throw new UnauthorizedAccessException("Cannot assign a role higher than your own");

                User newUser = new User();
                newUser.InstanceId = newUserDTO.instanceId;
                newUser.Email = newUserDTO.email;
                newUser.FirstName = newUserDTO.firstName;
                newUser.LastName = newUserDTO.lastName;
                newUser.Role = requestedRole;
                newUser.Token = Guid.NewGuid().ToString();
                newUser.DateCreation = DateTime.Now.ToUniversalTime();
                newUser.Id = idService.GenerateHexId();

                if (_myInfoMateDbContext.Users.Any(u => u.Email == newUser.Email))
                    throw new InvalidOperationException("This Email is already used");

                newUser.Password = _profileLogic.HashPassword(newUserDTO.password);

                _myInfoMateDbContext.Add(newUser);
                _myInfoMateDbContext.SaveChanges();

                return new OkObjectResult(newUser.ToDTO());
            }
            catch (ArgumentNullException ex)
            {
                return new BadRequestObjectResult(ex.Message) {};
            }
            catch (UnauthorizedAccessException ex)
            {
                return new ObjectResult(ex.Message) { StatusCode = 403 };
            }
            catch (InvalidOperationException ex)
            {
                return new ConflictObjectResult(ex.Message) {};
            }
            catch (Exception ex)
            {
                return new ObjectResult(ex.Message) { StatusCode = 500 };
            }
        }

        /// <summary>
        /// Update an user
        /// </summary>
        /// <param name="updatedUser">User to update</param>
        [ProducesResponseType(typeof(UserDetailDTO), 200)]
        [ProducesResponseType(typeof(string), 400)]
        [ProducesResponseType(typeof(string), 404)]
        [ProducesResponseType(typeof(string), 500)]
        [HttpPut]
        public ObjectResult UpdateUser([FromBody] UserDetailDTO updatedUser)
        {
            try
            {
                if (updatedUser == null)
                    throw new ArgumentNullException("User param is null");

                User user = _myInfoMateDbContext.Users.FirstOrDefault(u => u.Id == updatedUser.id);

                if (user == null)
                    throw new KeyNotFoundException("User does not exist");

                user.FirstName = updatedUser.firstName;
                user.LastName = updatedUser.lastName;

                if (updatedUser.role.HasValue)
                {
                    if (updatedUser.role.Value < GetCallerRole())
                        throw new UnauthorizedAccessException("Cannot assign a role higher than your own");
                    user.Role = updatedUser.role.Value;
                }

                _myInfoMateDbContext.SaveChanges();

                return new OkObjectResult(user.ToDTO());
            }
            catch (ArgumentNullException ex)
            {
                return new BadRequestObjectResult(ex.Message) {};
            }
            catch (UnauthorizedAccessException ex)
            {
                return new ObjectResult(ex.Message) { StatusCode = 403 };
            }
            catch (KeyNotFoundException ex)
            {
                return new NotFoundObjectResult(ex.Message) {};
            }
            catch (Exception ex)
            {
                return new ObjectResult(ex.Message) { StatusCode = 500 };
            }
        }

        /// <summary>
        /// Delete an user
        /// </summary>
        /// <param name="id">Id of user to delete</param>
        [ProducesResponseType(typeof(string), 202)]
        [ProducesResponseType(typeof(string), 400)]
        [ProducesResponseType(typeof(string), 404)]
        [ProducesResponseType(typeof(string), 500)]
        [HttpDelete("{id}")]
        public ObjectResult DeleteUser(string id)
        {
            try
            {
                if (id == null)
                    throw new ArgumentNullException("User param is null");

                User user = _myInfoMateDbContext.Users.FirstOrDefault(u => u.Id == id);

                if (user == null)
                    throw new KeyNotFoundException("User does not exist");

                _myInfoMateDbContext.Remove(user);
                _myInfoMateDbContext.SaveChanges();

                return new ObjectResult("The user has been deleted") { StatusCode = 202 };
            }
            catch (ArgumentNullException ex)
            {
                return new BadRequestObjectResult(ex.Message) { };
            }
            catch (KeyNotFoundException ex)
            {
                return new NotFoundObjectResult(ex.Message) { };
            }
            catch (Exception ex)
            {
                return new ObjectResult(ex.Message) { StatusCode = 500 };
            }
        }
    }
}