using MediatR;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using System.ComponentModel.DataAnnotations;
using TakeoutSaaS.Application.Identity.Commands;
using TakeoutSaaS.Application.Identity.Contracts;
using TakeoutSaaS.Application.Identity.Queries;
using TakeoutSaaS.Module.Authorization.Attributes;
using TakeoutSaaS.Shared.Abstractions.Constants;
using TakeoutSaaS.Shared.Abstractions.Results;
using TakeoutSaaS.Shared.Web.Api;

namespace TakeoutSaaS.AdminApi.Controllers;

/// <summary>
/// 用户管理。
/// </summary>
[ApiVersion("1.0")]
[Authorize]
[Route("api/admin/v{version:apiVersion}/users")]
public sealed class UsersController(IMediator mediator) : BaseApiController
{
    /// <summary>
    /// 用户分页列表。
    /// </summary>
    [HttpGet]
    [PermissionAuthorize("identity:user:read")]
    [ProducesResponseType(typeof(ApiResponse<PagedResult<UserListItemDto>>), StatusCodes.Status200OK)]
    public async Task<ApiResponse<PagedResult<UserListItemDto>>> List(
        [FromQuery] SearchIdentityUsersQuery query,
        CancellationToken cancellationToken)
    {
        // 1. 查询用户分页
        var result = await mediator.Send(query, cancellationToken);

        // 2. 返回分页数据
        return ApiResponse<PagedResult<UserListItemDto>>.Ok(result);
    }

    /// <summary>
    /// 用户详情。
    /// </summary>
    [HttpGet("{userId:long}")]
    [PermissionAuthorize("identity:user:read")]
    [ProducesResponseType(typeof(ApiResponse<UserDetailDto>), StatusCodes.Status200OK)]
    [ProducesResponseType(typeof(ApiResponse<UserDetailDto>), StatusCodes.Status404NotFound)]
    public async Task<ApiResponse<UserDetailDto>> Detail(long userId, [FromQuery] bool includeDeleted, CancellationToken cancellationToken)
    {
        // 1. 查询用户详情
        var result = await mediator.Send(new GetIdentityUserDetailQuery
        {
            UserId = userId,
            IncludeDeleted = includeDeleted
        }, cancellationToken);

        // 2. 返回详情或 404
        return result == null
            ? ApiResponse<UserDetailDto>.Error(ErrorCodes.NotFound, "用户不存在")
            : ApiResponse<UserDetailDto>.Ok(result);
    }

    /// <summary>
    /// 用户权限明细。
    /// </summary>
    [HttpGet("{userId:long}/permissions")]
    [PermissionAuthorize("identity:user:read")]
    [ProducesResponseType(typeof(ApiResponse<IReadOnlyList<string>>), StatusCodes.Status200OK)]
    [ProducesResponseType(typeof(ApiResponse<IReadOnlyList<string>>), StatusCodes.Status404NotFound)]
    public async Task<ApiResponse<IReadOnlyList<string>>> Permissions(long userId, CancellationToken cancellationToken)
    {
        // 1. 查询用户详情并提取权限
        var detail = await mediator.Send(new GetIdentityUserDetailQuery { UserId = userId }, cancellationToken);
        if (detail == null)
        {
            return ApiResponse<IReadOnlyList<string>>.Error(ErrorCodes.NotFound, "用户不存在");
        }

        // 2. 返回权限编码列表
        return ApiResponse<IReadOnlyList<string>>.Ok(detail.Permissions);
    }

    /// <summary>
    /// 创建用户。
    /// </summary>
    [HttpPost]
    [PermissionAuthorize("identity:user:create")]
    [ProducesResponseType(typeof(ApiResponse<UserDetailDto>), StatusCodes.Status200OK)]
    public async Task<ApiResponse<UserDetailDto>> Create([FromBody, Required] CreateIdentityUserCommand command, CancellationToken cancellationToken)
    {
        // 1. 创建用户
        var result = await mediator.Send(command, cancellationToken);

        // 2. 返回创建结果
        return ApiResponse<UserDetailDto>.Ok(result);
    }

    /// <summary>
    /// 更新用户。
    /// </summary>
    [HttpPut("{userId:long}")]
    [PermissionAuthorize("identity:user:update")]
    [ProducesResponseType(typeof(ApiResponse<UserDetailDto>), StatusCodes.Status200OK)]
    [ProducesResponseType(typeof(ApiResponse<UserDetailDto>), StatusCodes.Status404NotFound)]
    public async Task<ApiResponse<UserDetailDto>> Update(long userId, [FromBody, Required] UpdateIdentityUserCommand command, CancellationToken cancellationToken)
    {
        // 1. 绑定用户 ID
        if (command.UserId == 0)
        {
            command = command with { UserId = userId };
        }

        // 2. 执行更新
        var result = await mediator.Send(command, cancellationToken);

        // 3. 返回结果或 404
        return result == null
            ? ApiResponse<UserDetailDto>.Error(ErrorCodes.NotFound, "用户不存在")
            : ApiResponse<UserDetailDto>.Ok(result);
    }

    /// <summary>
    /// 删除用户。
    /// </summary>
    [HttpDelete("{userId:long}")]
    [PermissionAuthorize("identity:user:delete")]
    [ProducesResponseType(typeof(ApiResponse<object>), StatusCodes.Status200OK)]
    [ProducesResponseType(typeof(ApiResponse<object>), StatusCodes.Status404NotFound)]
    public async Task<ApiResponse<object>> Delete(long userId, CancellationToken cancellationToken)
    {
        // 1. 执行删除
        var result = await mediator.Send(new DeleteIdentityUserCommand { UserId = userId }, cancellationToken);

        // 2. 返回结果或 404
        return result
            ? ApiResponse.Success()
            : ApiResponse<object>.Error(ErrorCodes.NotFound, "用户不存在");
    }

    /// <summary>
    /// 恢复用户。
    /// </summary>
    [HttpPost("{userId:long}/restore")]
    [PermissionAuthorize("identity:user:update")]
    [ProducesResponseType(typeof(ApiResponse<object>), StatusCodes.Status200OK)]
    [ProducesResponseType(typeof(ApiResponse<object>), StatusCodes.Status404NotFound)]
    public async Task<ApiResponse<object>> Restore(long userId, CancellationToken cancellationToken)
    {
        // 1. 执行恢复
        var result = await mediator.Send(new RestoreIdentityUserCommand { UserId = userId }, cancellationToken);

        // 2. 返回结果或 404
        return result
            ? ApiResponse.Success()
            : ApiResponse<object>.Error(ErrorCodes.NotFound, "用户不存在");
    }

    /// <summary>
    /// 更新用户状态。
    /// </summary>
    [HttpPut("{userId:long}/status")]
    [PermissionAuthorize("identity:user:status")]
    [ProducesResponseType(typeof(ApiResponse<object>), StatusCodes.Status200OK)]
    [ProducesResponseType(typeof(ApiResponse<object>), StatusCodes.Status404NotFound)]
    public async Task<ApiResponse<object>> ChangeStatus(long userId, [FromBody, Required] ChangeIdentityUserStatusCommand command, CancellationToken cancellationToken)
    {
        // 1. 绑定用户 ID
        if (command.UserId == 0)
        {
            command = command with { UserId = userId };
        }

        // 2. 执行状态变更
        var result = await mediator.Send(command, cancellationToken);

        // 3. 返回结果或 404
        return result
            ? ApiResponse.Success()
            : ApiResponse<object>.Error(ErrorCodes.NotFound, "用户不存在");
    }

    /// <summary>
    /// 生成重置密码链接。
    /// </summary>
    [HttpPost("{userId:long}/password-reset")]
    [PermissionAuthorize("identity:user:reset-password")]
    [ProducesResponseType(typeof(ApiResponse<ResetIdentityUserPasswordResult>), StatusCodes.Status200OK)]
    public async Task<ApiResponse<ResetIdentityUserPasswordResult>> ResetPassword(long userId, CancellationToken cancellationToken)
    {
        // 1. 生成重置令牌
        var result = await mediator.Send(new ResetIdentityUserPasswordCommand { UserId = userId }, cancellationToken);

        // 2. 返回令牌信息
        return ApiResponse<ResetIdentityUserPasswordResult>.Ok(result);
    }

    /// <summary>
    /// 批量用户操作。
    /// </summary>
    [HttpPost("batch")]
    [PermissionAuthorize("identity:user:batch")]
    [ProducesResponseType(typeof(ApiResponse<BatchIdentityUserOperationResult>), StatusCodes.Status200OK)]
    public async Task<ApiResponse<BatchIdentityUserOperationResult>> Batch(
        [FromBody, Required] BatchIdentityUserOperationCommand command,
        CancellationToken cancellationToken)
    {
        // 1. 执行批量操作
        var result = await mediator.Send(command, cancellationToken);

        // 2. 返回操作结果
        return ApiResponse<BatchIdentityUserOperationResult>.Ok(result);
    }
}