package main

import (
	"encoding/json"
	"log"
	"net/http"
	"strconv"
)

func (app *App) handleListVolunteers(w http.ResponseWriter, r *http.Request) {
	q := r.URL.Query()
	search := q.Get("search")
	since := q.Get("since")

	var deptID *int
	if d := q.Get("dept"); d != "" {
		id, err := strconv.Atoi(d)
		if err == nil {
			deptID = &id
		}
	}

	claims := claimsFromContext(r)
	if hasAnyRole(claims.Roles, []string{"colead"}) && !hasAnyRole(claims.Roles, []string{"admin", "staffing"}) && deptID == nil && len(claims.DeptIDs) > 0 {
		deptID = &claims.DeptIDs[0]
	}

	volunteers, err := app.listVolunteers(search, deptID, since)
	if err != nil {
		writeError(w, err.Error(), http.StatusInternalServerError)
		return
	}
	writeJSON(w, volunteers)
}

func (app *App) handleCreateVolunteer(w http.ResponseWriter, r *http.Request) {
	var body struct {
		Name         string `json:"name"`
		TicketName   string `json:"ticket_name"`
		Email        string `json:"email"`
		DepartmentID *int   `json:"department_id"`
		IsLead       bool   `json:"is_lead"`
		Note         string `json:"note"`
	}
	if err := json.NewDecoder(r.Body).Decode(&body); err != nil {
		writeError(w, "invalid request", http.StatusBadRequest)
		return
	}
	if body.Name == "" {
		writeError(w, "name is required", http.StatusBadRequest)
		return
	}
	if body.Email == "" {
		writeError(w, "email is required", http.StatusBadRequest)
		return
	}
	claims := claimsFromContext(r)
	if hasAnyRole(claims.Roles, []string{"colead"}) && !hasAnyRole(claims.Roles, []string{"admin", "staffing"}) {
		if body.DepartmentID == nil || !inSlice(*body.DepartmentID, claims.DeptIDs) {
			writeError(w, "forbidden: outside your department", http.StatusForbidden)
			return
		}
	}
	p, _ := app.getParticipantByEmail(body.Email)
	if p == nil {
		p, _ = app.createParticipant(Participant{PreferredName: body.Name, Email: body.Email, TicketName: body.TicketName})
	} else if body.TicketName != "" && p.TicketName == "" {
		app.db.Exec(`UPDATE participants SET ticket_name = ?, updated_at = ? WHERE id = ?`, body.TicketName, now(), p.ID)
	}
	if p == nil {
		writeError(w, "failed to create participant", http.StatusInternalServerError)
		return
	}
	confirmToken, err := generateConfirmationToken()
	if err != nil {
		writeError(w, "internal error", http.StatusInternalServerError)
		return
	}
	app.setParticipantConfirmationToken(p.ID, confirmToken)
	v := Volunteer{
		ParticipantID: p.ID,
		DepartmentID:  body.DepartmentID,
		IsLead:        body.IsLead,
		Note:          body.Note,
	}
	created, err := app.createVolunteer(v)
	if err != nil {
		writeError(w, err.Error(), http.StatusInternalServerError)
		return
	}
	go func() {
		if err := app.sendConfirmationEmail(body.Email, body.Name, confirmToken); err != nil {
			log.Printf("confirmation email to %s failed: %v", body.Email, err)
		}
	}()
	w.WriteHeader(http.StatusCreated)
	writeJSON(w, created)
}

func (app *App) handleGetVolunteer(w http.ResponseWriter, r *http.Request) {
	id, err := strconv.Atoi(r.PathValue("id"))
	if err != nil {
		writeError(w, "invalid id", http.StatusBadRequest)
		return
	}
	v, err := app.getVolunteer(id)
	if err != nil || v == nil {
		writeError(w, "not found", http.StatusNotFound)
		return
	}
	writeJSON(w, v)
}

func (app *App) handleUpdateVolunteer(w http.ResponseWriter, r *http.Request) {
	id, err := strconv.Atoi(r.PathValue("id"))
	if err != nil {
		writeError(w, "invalid id", http.StatusBadRequest)
		return
	}
	var body struct {
		DepartmentID *int   `json:"department_id"`
		IsLead       bool   `json:"is_lead"`
		Note         string `json:"note"`
	}
	if err := json.NewDecoder(r.Body).Decode(&body); err != nil {
		writeError(w, "invalid request", http.StatusBadRequest)
		return
	}
	claims := claimsFromContext(r)
	if hasAnyRole(claims.Roles, []string{"colead"}) && !hasAnyRole(claims.Roles, []string{"admin", "staffing"}) {
		existing, _ := app.getVolunteer(id)
		if existing == nil || existing.DepartmentID == nil || !inSlice(*existing.DepartmentID, claims.DeptIDs) {
			writeError(w, "forbidden: outside your department", http.StatusForbidden)
			return
		}
	}
	v := Volunteer{
		ID:           id,
		DepartmentID: body.DepartmentID,
		IsLead:       body.IsLead,
		Note:         body.Note,
	}
	if err := app.updateVolunteer(v); err != nil {
		writeError(w, err.Error(), http.StatusInternalServerError)
		return
	}
	if v.IsLead {
		app.confirmVolunteer(id)
	}
	updated, _ := app.getVolunteer(id)
	writeJSON(w, updated)
}

func (app *App) handleDeleteVolunteer(w http.ResponseWriter, r *http.Request) {
	id, err := strconv.Atoi(r.PathValue("id"))
	if err != nil {
		writeError(w, "invalid id", http.StatusBadRequest)
		return
	}
	if err := app.deleteVolunteer(id); err != nil {
		writeError(w, err.Error(), http.StatusInternalServerError)
		return
	}
	w.WriteHeader(http.StatusNoContent)
}

func (app *App) handleMarkVolunteerReady(w http.ResponseWriter, r *http.Request) {
	id, err := strconv.Atoi(r.PathValue("id"))
	if err != nil {
		writeError(w, "invalid id", http.StatusBadRequest)
		return
	}
	claims := claimsFromContext(r)
	v, err := app.markVolunteerReady(id, claims.ParticipantID)
	if err != nil {
		writeError(w, err.Error(), http.StatusInternalServerError)
		return
	}
	app.broker.publish("checkin", map[string]any{"type": "volunteer", "volunteer": v})
	writeJSON(w, v)
}

func (app *App) handleConfirmVolunteer(w http.ResponseWriter, r *http.Request) {
	id, err := strconv.Atoi(r.PathValue("id"))
	if err != nil {
		writeError(w, "invalid id", http.StatusBadRequest)
		return
	}
	v, err := app.confirmVolunteer(id)
	if err != nil {
		writeError(w, err.Error(), http.StatusInternalServerError)
		return
	}
	writeJSON(w, v)
}

func (app *App) handleAssignShift(w http.ResponseWriter, r *http.Request) {
	volunteerID, err := strconv.Atoi(r.PathValue("id"))
	if err != nil {
		writeError(w, "invalid volunteer id", http.StatusBadRequest)
		return
	}
	var body struct {
		ShiftID int `json:"shift_id"`
	}
	if err := json.NewDecoder(r.Body).Decode(&body); err != nil || body.ShiftID == 0 {
		writeError(w, "shift_id required", http.StatusBadRequest)
		return
	}
	if err := app.assignShift(volunteerID, body.ShiftID); err != nil {
		writeError(w, err.Error(), http.StatusInternalServerError)
		return
	}
	w.WriteHeader(http.StatusNoContent)
}

func (app *App) handleUnassignShift(w http.ResponseWriter, r *http.Request) {
	volunteerID, err := strconv.Atoi(r.PathValue("id"))
	if err != nil {
		writeError(w, "invalid volunteer id", http.StatusBadRequest)
		return
	}
	shiftID, err := strconv.Atoi(r.PathValue("shift_id"))
	if err != nil {
		writeError(w, "invalid shift id", http.StatusBadRequest)
		return
	}
	if err := app.unassignShift(volunteerID, shiftID); err != nil {
		writeError(w, err.Error(), http.StatusInternalServerError)
		return
	}
	w.WriteHeader(http.StatusNoContent)
}

func inSlice(v int, s []int) bool {
	for _, x := range s {
		if x == v {
			return true
		}
	}
	return false
}