package main

import (
	"encoding/json"
	"net/http"
	"strconv"
)

func (app *App) handleListUsers(w http.ResponseWriter, r *http.Request) {
	users, err := app.listUsers()
	if err != nil {
		writeError(w, err.Error(), http.StatusInternalServerError)
		return
	}
	writeJSON(w, users)
}

func (app *App) handleCreateUser(w http.ResponseWriter, r *http.Request) {
	var body struct {
		Username      string `json:"username"`
		Password      string `json:"password"`
		Role          string `json:"role"`
		DepartmentIDs []int  `json:"department_ids"`
	}
	if err := json.NewDecoder(r.Body).Decode(&body); err != nil {
		writeError(w, "invalid request", http.StatusBadRequest)
		return
	}
	if body.Username == "" || body.Password == "" || body.Role == "" {
		writeError(w, "username, password, and role are required", http.StatusBadRequest)
		return
	}
	hash, err := hashPassword(body.Password)
	if err != nil {
		writeError(w, "hash error", http.StatusInternalServerError)
		return
	}
	if body.DepartmentIDs == nil {
		body.DepartmentIDs = []int{}
	}
	user, err := app.createUser(body.Username, hash, body.Role, body.DepartmentIDs)
	if err != nil {
		writeError(w, err.Error(), http.StatusInternalServerError)
		return
	}
	w.WriteHeader(http.StatusCreated)
	writeJSON(w, user)
}

func (app *App) handleUpdateUser(w http.ResponseWriter, r *http.Request) {
	id, err := strconv.Atoi(r.PathValue("id"))
	if err != nil {
		writeError(w, "invalid id", http.StatusBadRequest)
		return
	}
	var body struct {
		Role          string `json:"role"`
		Password      string `json:"password"`
		DepartmentIDs []int  `json:"department_ids"`
	}
	if err := json.NewDecoder(r.Body).Decode(&body); err != nil {
		writeError(w, "invalid request", http.StatusBadRequest)
		return
	}
	if body.DepartmentIDs == nil {
		body.DepartmentIDs = []int{}
	}
	if body.Role != "" {
		if err := app.updateUser(id, body.Role, body.DepartmentIDs); err != nil {
			writeError(w, err.Error(), http.StatusInternalServerError)
			return
		}
	}
	if body.Password != "" {
		hash, err := hashPassword(body.Password)
		if err != nil {
			writeError(w, "hash error", http.StatusInternalServerError)
			return
		}
		if err := app.updateUserPassword(id, hash); err != nil {
			writeError(w, err.Error(), http.StatusInternalServerError)
			return
		}
	}
	user, _ := app.getUserByID(id)
	writeJSON(w, user)
}

func (app *App) handleDeleteUser(w http.ResponseWriter, r *http.Request) {
	id, err := strconv.Atoi(r.PathValue("id"))
	if err != nil {
		writeError(w, "invalid id", http.StatusBadRequest)
		return
	}
	claims := claimsFromContext(r)
	if claims.UserID == id {
		writeError(w, "cannot delete yourself", http.StatusBadRequest)
		return
	}
	if err := app.deleteUser(id); err != nil {
		writeError(w, err.Error(), http.StatusInternalServerError)
		return
	}
	w.WriteHeader(http.StatusNoContent)
}