package system

import (
	"log"
	"net/http"

	"management/internal/erpserver/model/dto"
	"management/internal/erpserver/model/form"
	systemmodel "management/internal/erpserver/model/system"
	v1 "management/internal/erpserver/service/v1"
	"management/internal/pkg/binding"
	"management/internal/pkg/convertor"
	"management/internal/pkg/middleware"
	"management/internal/pkg/tpl"
	"management/internal/pkg/tpl/html"
)

// userHandler 是 UserHandler 接口的实现.
type userHandler struct {
	render tpl.Renderer
	mi     middleware.Middleware

	captchasvc    v1.CaptchaService
	usersvc       v1.UserService
	rolesvc       v1.RoleService
	departmentsvc v1.DepartmentService
}

func NewUserHandler(
	render tpl.Renderer,
	mi middleware.Middleware,
	captchasvc v1.CaptchaService,
	usersvc v1.UserService,
	rolesvc v1.RoleService,
	departmentsvc v1.DepartmentService,
) *userHandler {
	return &userHandler{
		render:        render,
		mi:            mi,
		captchasvc:    captchasvc,
		usersvc:       usersvc,
		rolesvc:       rolesvc,
		departmentsvc: departmentsvc,
	}
}

func (h *userHandler) Add(w http.ResponseWriter, r *http.Request) {
	h.render.HTML(w, r, "user/edit.tmpl", map[string]any{
		"Item": &systemmodel.User{
			HashedPassword: nil,
		},
	})
}

func (h *userHandler) Edit(w http.ResponseWriter, r *http.Request) {
	vars := r.URL.Query()
	id := convertor.QueryInt[int32](vars, "id", 0)
	user := &systemmodel.User{}
	if id > 0 {
		ctx := r.Context()
		if u, err := h.usersvc.Get(ctx, id); err == nil {
			user.HashedPassword = []byte("********")
			user = u
		}
	}
	h.render.HTML(w, r, "user/edit.tmpl", map[string]any{
		"Item": user,
	})
}

func (h *userHandler) Save(w http.ResponseWriter, r *http.Request) {
	var req form.User
	if err := binding.Form.Bind(r, &req); err != nil {
		h.render.JSONERR(w, binding.ValidatorErrors(err))
		return
	}

	ctx := r.Context()
	if req.DepartmentID > 0 {
		if _, err := h.departmentsvc.Get(ctx, req.DepartmentID); err != nil {
			h.render.JSONERR(w, "部门数据错误")
			return
		}
	}
	if req.RoleID > 0 {
		if _, err := h.rolesvc.Get(ctx, req.RoleID); err != nil {
			h.render.JSONERR(w, "角色数据错误")
			return
		}
	}

	if *req.ID == 0 {
		err := h.usersvc.Create(ctx, &req)
		if err != nil {
			h.render.JSONERR(w, err.Error())
			return
		}

		h.render.JSONOK(w, "添加成功")
	} else {
		err := h.usersvc.Update(ctx, &req)
		if err != nil {
			h.render.JSONERR(w, err.Error())
			return
		}

		h.render.JSONOK(w, "更新成功")
	}
}

func (h *userHandler) List(w http.ResponseWriter, r *http.Request) {
	switch r.Method {
	case http.MethodGet:
		h.render.HTML(w, r, "user/list.tmpl", map[string]any{
			"Statuses": html.NewSelectControls(html.SearchStatuses, "0"),
		})
	case http.MethodPost:
		var q dto.SearchDto
		q.SearchTimeBegin, q.SearchTimeEnd = convertor.DefaultStartTimeAndEndTime(r.PostFormValue("timeBegin"), r.PostFormValue("timeEnd"))
		q.SearchStatus = convertor.ConvertInt(r.PostFormValue("status"), 9999)
		q.SearchName = r.PostFormValue("name")
		q.SearchEmail = r.PostFormValue("email")
		q.SearchID = convertor.ConvertInt[int64](r.PostFormValue("id"), 0)
		q.Page = convertor.ConvertInt(r.PostFormValue("page"), 1)
		q.Rows = convertor.ConvertInt(r.PostFormValue("rows"), 10)
		res, count, err := h.usersvc.List(r.Context(), q)
		if err != nil {
			h.render.JSONERR(w, err.Error())
			return
		}

		data := tpl.ResponseList{
			Code:    0,
			Message: "ok",
			Count:   count,
			Data:    res,
		}
		h.render.JSON(w, data)
	default:
		http.Error(w, "Method Not Allowed", http.StatusMethodNotAllowed)
	}
}

func (h *userHandler) Profile(w http.ResponseWriter, r *http.Request) {
	ctx := r.Context()
	user := h.mi.AuthUser(ctx)
	vm, _ := h.usersvc.Get(ctx, user.ID)
	h.render.HTML(w, r, "user/profile.tmpl", map[string]any{
		"Item": vm,
	})
}

func (h *userHandler) Data(w http.ResponseWriter, r *http.Request) {
	vars := r.URL.Query()
	t := vars.Get("type")
	if t == "xmselect" {
		res, err := h.usersvc.XmSelect(r.Context())
		if err != nil {
			h.render.JSONERR(w, err.Error())
			return
		}

		h.render.JSON(w, res)
		return
	}

	h.render.JSON(w, nil)
}

func (h *userHandler) Login(w http.ResponseWriter, r *http.Request) {
	ctx := r.Context()
	switch r.Method {
	case http.MethodGet:
		if h.mi.IsAuth(ctx) && h.mi.RefreshToken(ctx) {
			http.Redirect(w, r, "/home.html", http.StatusFound)
			return
		}
		_ = h.mi.Destroy(ctx)
		h.render.HTML(w, r, "oauth/login.tmpl", nil)
	case http.MethodPost:
		defer r.Body.Close()
		var req form.Login
		if err := binding.Form.Bind(r, &req); err != nil {
			e := binding.ValidatorErrors(err)
			h.render.JSONERR(w, e)
			return
		}

		if !h.captchasvc.Verify(req.CaptchaID, req.Captcha, true) {
			h.render.JSONERR(w, "验证码错误")
			return
		}

		req = req.SetAttributes(r)
		err := h.usersvc.Login(ctx, &req)
		if err != nil {
			log.Println(err)
			h.render.JSONERR(w, err.Error())
			return
		}

		h.render.JSONOK(w, "login successfully")
	default:
		http.Error(w, "Method Not Allowed", http.StatusMethodNotAllowed)
	}
}

func (h *userHandler) Logout(w http.ResponseWriter, r *http.Request) {
	h.mi.Destroy(r.Context())
	http.Redirect(w, r, "/", http.StatusFound)
}