<?php
namespace admin\Controllers;

use Domain\User\UserRepository;
use admin\ViewModels\Forms\FormAction;
use admin\ViewModels\Forms\FormEditViewModel;
use admin\ViewModels\Forms\FormField;
use admin\Support\Forms\FormRequestHandler;

class UsersController
{
    private UserRepository $repository;
    private FormRequestHandler $formHandler;

    public function __construct(UserRepository $repository)
    {
        $this->repository = $repository;
        $this->formHandler = new FormRequestHandler();
    }

    public function user_delete(): void
    {
        if ($this->repository->delete((int)\S::get('id'))) {
            \S::alert('Uzytkownik zostal usuniety.');
        }

        header('Location: /admin/users/view_list/');
        exit;
    }

    public function user_save(): void
    {
        $legacyValues = \S::get('values');
        if ($legacyValues) {
            $values = json_decode((string)$legacyValues, true);
            if (!is_array($values)) {
                echo json_encode(['status' => 'error', 'msg' => 'Nieprawidlowe dane formularza.']);
                exit;
            }

            if (!$this->isTwofaEmailValidForEnabled($values['twofa_enabled'] ?? 0, (string)($values['twofa_email'] ?? ''))) {
                echo json_encode([
                    'status' => 'error',
                    'msg' => 'Jesli wlaczono dwustopniowe uwierzytelnianie (2FA), pole "E-mail do 2FA" jest wymagane.',
                ]);
                exit;
            }

            $response = $this->repository->save(
                (int)($values['id'] ?? 0),
                (string)($values['login'] ?? ''),
                $values['status'] ?? 0,
                (string)($values['password'] ?? ''),
                (string)($values['password_re'] ?? ''),
                $values['admin'] ?? 1,
                $values['twofa_enabled'] ?? 0,
                (string)($values['twofa_email'] ?? '')
            );

            echo json_encode($response);
            exit;
        }

        $userId = (int)\S::get('id');
        $user = $this->normalizeUser($this->repository->find($userId));
        $viewModel = $this->buildFormViewModel($user);

        $result = $this->formHandler->handleSubmit($viewModel, $_POST);
        if (!$result['success']) {
            $_SESSION['form_errors'][$this->getFormId()] = $result['errors'];
            echo json_encode(['success' => false, 'errors' => $result['errors']]);
            exit;
        }

        $data = $result['data'];
        $data['id'] = $userId;
        $data['admin'] = 1;

        if (!$this->isTwofaEmailValidForEnabled($data['twofa_enabled'] ?? 0, (string)($data['twofa_email'] ?? ''))) {
            echo json_encode([
                'success' => false,
                'errors' => [
                    'twofa_email' => 'Pole "E-mail do 2FA" jest wymagane, gdy wlaczono 2FA.',
                ],
            ]);
            exit;
        }

        $duplicateLoginCheck = $this->repository->checkLogin((string)($data['login'] ?? ''), $userId);
        if (($duplicateLoginCheck['status'] ?? '') !== 'ok') {
            echo json_encode([
                'success' => false,
                'errors' => ['login' => (string)($duplicateLoginCheck['msg'] ?? 'Podany login jest juz zajety.')],
            ]);
            exit;
        }

        $response = $this->repository->save(
            (int)$data['id'],
            (string)($data['login'] ?? ''),
            (int)($data['status'] ?? 0),
            (string)($data['password'] ?? ''),
            (string)($data['password_re'] ?? ''),
            1,
            (int)($data['twofa_enabled'] ?? 0),
            (string)($data['twofa_email'] ?? '')
        );

        echo json_encode([
            'success' => ($response['status'] ?? '') === 'ok',
            'message' => (string)($response['msg'] ?? 'Zmiany zostaly zapisane.'),
            'errors' => (($response['status'] ?? '') === 'ok') ? [] : ['general' => (string)($response['msg'] ?? 'Wystapil blad.')],
        ]);
        exit;
    }

    public function user_edit(): string
    {
        $user = $this->normalizeUser($this->repository->find((int)\S::get('id')));
        $validationErrors = $_SESSION['form_errors'][$this->getFormId()] ?? null;
        if ($validationErrors) {
            unset($_SESSION['form_errors'][$this->getFormId()]);
        }

        return \Tpl::view('users/user-edit', [
            'form' => $this->buildFormViewModel($user, $validationErrors),
        ]);
    }

    public function view_list(): string
    {
        $sortableColumns = ['login', 'status'];
        $filterDefinitions = [
            [
                'key' => 'login',
                'label' => 'Login',
                'type' => 'text',
            ],
            [
                'key' => 'status',
                'label' => 'Aktywny',
                'type' => 'select',
                'options' => [
                    '' => '- aktywny -',
                    '1' => 'tak',
                    '0' => 'nie',
                ],
            ],
        ];

        $listRequest = \admin\Support\TableListRequestFactory::fromRequest(
            $filterDefinitions,
            $sortableColumns,
            'login'
        );

        $sortDir = $listRequest['sortDir'];
        if (trim((string)\S::get('sort')) === '') {
            $sortDir = 'ASC';
        }

        $result = $this->repository->listForAdmin(
            $listRequest['filters'],
            $listRequest['sortColumn'],
            $sortDir,
            $listRequest['page'],
            $listRequest['perPage']
        );

        $rows = [];
        $lp = ($listRequest['page'] - 1) * $listRequest['perPage'] + 1;
        foreach ($result['items'] as $item) {
            $id = (int)$item['id'];
            $login = trim((string)($item['login'] ?? ''));
            $status = (int)($item['status'] ?? 0);

            $rows[] = [
                'lp' => $lp++ . '.',
                'status' => $status === 1 ? 'tak' : '<span style="color: #FF0000;">nie</span>',
                'login' => '<a href="/admin/users/user_edit/id=' . $id . '">' . htmlspecialchars($login, ENT_QUOTES, 'UTF-8') . '</a>',
                '_actions' => [
                    [
                        'label' => 'Edytuj',
                        'url' => '/admin/users/user_edit/id=' . $id,
                        'class' => 'btn btn-xs btn-primary',
                    ],
                    [
                        'label' => 'Usun',
                        'url' => '/admin/users/user_delete/id=' . $id,
                        'class' => 'btn btn-xs btn-danger',
                        'confirm' => 'Na pewno chcesz usunac wybranego uzytkownika?',
                    ],
                ],
            ];
        }

        $total = (int)$result['total'];
        $totalPages = max(1, (int)ceil($total / $listRequest['perPage']));

        $viewModel = new \admin\ViewModels\Common\PaginatedTableViewModel(
            [
                ['key' => 'lp', 'label' => 'Lp.', 'class' => 'text-center', 'sortable' => false],
                ['key' => 'status', 'sort_key' => 'status', 'label' => 'Aktywny', 'class' => 'text-center', 'sortable' => true, 'raw' => true],
                ['key' => 'login', 'sort_key' => 'login', 'label' => 'Login', 'sortable' => true, 'raw' => true],
            ],
            $rows,
            $listRequest['viewFilters'],
            [
                'column' => $listRequest['sortColumn'],
                'dir' => $sortDir,
            ],
            [
                'page' => $listRequest['page'],
                'per_page' => $listRequest['perPage'],
                'total' => $total,
                'total_pages' => $totalPages,
            ],
            array_merge($listRequest['queryFilters'], [
                'sort' => $listRequest['sortColumn'],
                'dir' => $sortDir,
                'per_page' => $listRequest['perPage'],
            ]),
            $listRequest['perPageOptions'],
            $sortableColumns,
            '/admin/users/view_list/',
            'Brak danych w tabeli.',
            '/admin/users/user_edit/',
            'Dodaj uzytkownika'
        );

        return \Tpl::view('users/users-list', [
            'viewModel' => $viewModel,
        ]);
    }

    public function list(): string
    {
        return $this->view_list();
    }

    public function login_form(): string
    {
        return \Tpl::view('site/unlogged-layout');
    }

    public function twofa(): string
    {
        return \Tpl::view('site/unlogged', [
            'content' => \Tpl::view('users/user-2fa'),
        ]);
    }

    private function normalizeUser(?array $user): array
    {
        return [
            'id' => (int)($user['id'] ?? 0),
            'login' => (string)($user['login'] ?? ''),
            'status' => (int)($user['status'] ?? 1),
            'admin' => (int)($user['admin'] ?? 1),
            'twofa_enabled' => (int)($user['twofa_enabled'] ?? 0),
            'twofa_email' => (string)($user['twofa_email'] ?? ''),
        ];
    }

    private function buildFormViewModel(array $user, ?array $errors = null): FormEditViewModel
    {
        $userId = (int)($user['id'] ?? 0);
        $isNew = $userId <= 0;

        $data = [
            'id' => $userId,
            'login' => (string)($user['login'] ?? ''),
            'status' => (int)($user['status'] ?? 1),
            'twofa_enabled' => (int)($user['twofa_enabled'] ?? 0),
            'twofa_email' => (string)($user['twofa_email'] ?? ''),
            'password' => '',
            'password_re' => '',
        ];

        $fields = [
            FormField::text('login', [
                'label' => 'Login',
                'required' => true,
            ]),
            FormField::switch('status', [
                'label' => 'Aktywny',
            ]),
            FormField::switch('twofa_enabled', [
                'label' => 'Dwustopniowe uwierzytelnianie (2FA)',
            ]),
            FormField::email('twofa_email', [
                'label' => 'E-mail do 2FA',
            ]),
            FormField::password('password', [
                'label' => 'Haslo',
                'required' => $isNew,
                'attributes' => ['minlength' => 5],
            ]),
            FormField::password('password_re', [
                'label' => 'Haslo - powtorz',
                'required' => $isNew,
                'attributes' => ['minlength' => 5],
            ]),
        ];

        $actionUrl = '/admin/users/user_save/' . ($isNew ? '' : ('id=' . $userId));
        $actions = [
            FormAction::save($actionUrl, '/admin/users/view_list/'),
            FormAction::cancel('/admin/users/view_list/'),
        ];

        return new FormEditViewModel(
            $this->getFormId(),
            $isNew ? 'Nowy uzytkownik' : 'Edycja uzytkownika',
            $data,
            $fields,
            [],
            $actions,
            'POST',
            $actionUrl,
            '/admin/users/view_list/',
            true,
            [
                'id' => $userId,
                'admin' => 1,
            ],
            null,
            $errors
        );
    }

    private function getFormId(): string
    {
        return 'users-edit';
    }

    private function isTwofaEmailValidForEnabled($twofaEnabled, string $twofaEmail): bool
    {
        $enabled = ($twofaEnabled === 'on' || $twofaEnabled === 1 || $twofaEnabled === '1' || $twofaEnabled === true);
        if (!$enabled) {
            return true;
        }

        return trim($twofaEmail) !== '';
    }
}