using Asp.Versioning;
using Core.Cerberos.Adapters;
using Core.Cerberos.Adapters.Attributes;
using Core.Cerberos.Adapters.Common.Constants;
using Core.Cerberos.External.Clients.Cerberos.Requests.Permissions;
using Lib.Architecture.BuildingBlocks;
using LSA.Dashboard.External.Clients.Dashboard;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Graph;
using System.Text.Json;

namespace Core.Cerberos.BFF.Api.Controllers
{
    /// <summary>
    /// Handles all requests for permission authentication.
    /// </summary>
    [ApiVersion("1.0")]
    [Route("api/v{version:apiVersion}/[controller]")]
    [Consumes("application/json")]
    [Produces("application/json")]
    [ApiController]
    [Authorize(AuthenticationSchemes = Schemes.HeathScheme)]
    public class PermissionController(ICerberosServiceClient cerberosServiceClient, ILogger<PermissionController> logger) : BaseController(logger)
    {
        /// <summary>
        /// Gets all the permissions.
        /// </summary>
        [HttpGet("GetAll")]
        [ProducesResponseType(StatusCodes.Status200OK)]
        [ProducesResponseType(StatusCodes.Status400BadRequest)]
        [ProducesResponseType(StatusCodes.Status401Unauthorized)]
        [ProducesResponseType(typeof(Notification), StatusCodes.Status412PreconditionFailed)]
        [ProducesResponseType(typeof(Notification), StatusCodes.Status422UnprocessableEntity)]
        [ProducesResponseType(StatusCodes.Status500InternalServerError)]
        [Permission("PermissionManagement.Read, RoleManagement.Read")]
        public async Task<IActionResult> GetAllPermissionsService(CancellationToken cancellationToken)
        {
            try
            {
                logger.LogInformation($"{nameof(GetAllPermissionsService)} - Request received - Payload: ");

                return await Handle(() => cerberosServiceClient.GetAllPermissionsService(new GetAllPermissionsRequest { }, cancellationToken)).ConfigureAwait(false);
            }
            catch (Exception ex)
            {
                logger.LogError($"{nameof(GetAllPermissionsService)} - An Error Occurred- {ex.Message} - {ex.InnerException} - {ex.StackTrace} - with payload");
                throw;
            }
        }

        /// <summary>
        /// Gets all the permissions by permission identifiers.
        /// </summary>
        /// <param name="request">The request containing the list of permission identifiers.</param>
        /// <param name="cancellationToken">Cancellation token for the asynchronous operation.</param>
        /// <returns>The <see cref="IActionResult"/> representing the result of the service call.</returns>
        /// <response code="200">The permissions found.</response>
        /// <response code="204">No content if no permissions are found.</response>
        /// <response code="400">Bad request if the permission identifiers are missing or invalid.</response>
        /// <response code="401">Unauthorized if the user is not authenticated.</response>
        /// <response code="500">Internal server error if an unexpected error occurs.</response>
        [HttpPost("GetAllByList")]
        [ProducesResponseType(typeof(IEnumerable<PermissionAdapter>), StatusCodes.Status200OK)]
        [ProducesResponseType(StatusCodes.Status204NoContent)]
        [ProducesResponseType(StatusCodes.Status400BadRequest)]
        [ProducesResponseType(StatusCodes.Status401Unauthorized)]
        [ProducesResponseType(StatusCodes.Status500InternalServerError)]
        [Permission("PermissionManagement.Read")]
        public async Task<IActionResult> GetAllPermissionsByListAsync([FromBody] GetAllPermissionsByListRequest request, CancellationToken cancellationToken)
        {
            try
            {
                logger.LogInformation($"{nameof(GetAllPermissionsByListAsync)} - Request received - Payload: {request}");

                if (request == null || request.Permissions == null || !request.Permissions.Any())
                {
                    return BadRequest("Permission identifiers are required.");
                }

                return await Handle(() => cerberosServiceClient.GetAllPermissionsByListService(request, cancellationToken)).ConfigureAwait(false);

            }
            catch (Exception ex)
            {
                logger.LogError(ex, $"{nameof(GetAllPermissionsByListAsync)} - An error occurred - {ex.Message} - {ex.InnerException} - {ex.StackTrace} - with payload: {request}");
                return StatusCode(StatusCodes.Status500InternalServerError, "Internal server error");
            }
        }


        /// <summary>
        /// Creates a new permission.
        /// </summary>
        [HttpPost("Create")]
        [ProducesResponseType(StatusCodes.Status200OK)]
        [ProducesResponseType(StatusCodes.Status400BadRequest)]
        [ProducesResponseType(StatusCodes.Status401Unauthorized)]
        [ProducesResponseType(typeof(Notification), StatusCodes.Status412PreconditionFailed)]
        [ProducesResponseType(typeof(Notification), StatusCodes.Status422UnprocessableEntity)]
        [ProducesResponseType(StatusCodes.Status500InternalServerError)]
        [Permission("PermissionManagement.Write")]
        public async Task<IActionResult> CreatePermissionService(CreatePermissionRequest newPermission, CancellationToken cancellationToken)
        {
            try
            {
                logger.LogInformation($"{nameof(CreatePermissionService)} - Request received - Payload: {JsonSerializer.Serialize(newPermission)}");

                if (newPermission == null) return BadRequest("Invalid permission object");

                if (string.IsNullOrEmpty(newPermission.Name)) return BadRequest("Invalid permission name");

                if (string.IsNullOrEmpty(newPermission.Description)) return BadRequest("Invalid permission description");

                return await Handle(() => cerberosServiceClient.CreatePermissionService(newPermission, cancellationToken)).ConfigureAwait(false);
            }
            catch (Exception ex)
            {
                logger.LogError($"{nameof(CreatePermissionService)} - An Error Occurred- {ex.Message} - {ex.InnerException} - {ex.StackTrace} - with payload {JsonSerializer.Serialize(newPermission)}");
                throw;
            }
        }

        /// <summary>
        /// Gets the permission by identifier.
        /// </summary>
        [HttpPost("GetById")]
        [ProducesResponseType(StatusCodes.Status200OK)]
        [ProducesResponseType(StatusCodes.Status400BadRequest)]
        [ProducesResponseType(StatusCodes.Status401Unauthorized)]
        [ProducesResponseType(typeof(Notification), StatusCodes.Status412PreconditionFailed)]
        [ProducesResponseType(typeof(Notification), StatusCodes.Status422UnprocessableEntity)]
        [ProducesResponseType(StatusCodes.Status500InternalServerError)]
        [Permission("PermissionManagement.Read")]
        public async Task<IActionResult> GetPermissionByIdService(GetPermissionRequest request, CancellationToken cancellationToken)
        {
            try
            {
                logger.LogInformation($"{nameof(GetPermissionByIdService)} - Request received - Payload: {JsonSerializer.Serialize(request)}");

                if (string.IsNullOrEmpty(request.Id)) return BadRequest("Invalid permission identifier");

                return await Handle(() => cerberosServiceClient.GetPermissionByIdService(request, cancellationToken)).ConfigureAwait(false);
            }
            catch (Exception ex)
            {
                logger.LogError($"{nameof(GetPermissionByIdService)} - An Error Occurred- {ex.Message} - {ex.InnerException} - {ex.StackTrace} - with payload {JsonSerializer.Serialize(request)}");
                throw;
            }
        }

        /// <summary>
        /// Updates a full permission by identifier.
        /// </summary>
        [HttpPut("Update")]
        [ProducesResponseType(StatusCodes.Status200OK)]
        [ProducesResponseType(StatusCodes.Status400BadRequest)]
        [ProducesResponseType(StatusCodes.Status401Unauthorized)]
        [ProducesResponseType(typeof(Notification), StatusCodes.Status412PreconditionFailed)]
        [ProducesResponseType(typeof(Notification), StatusCodes.Status422UnprocessableEntity)]
        [ProducesResponseType(StatusCodes.Status500InternalServerError)]
        [Permission("PermissionManagement.Write")]
        public async Task<IActionResult> UpdatePermissionService(UpdatePermissionRequest newPermission, CancellationToken cancellationToken)
        {
            try
            {
                logger.LogInformation($"{nameof(UpdatePermissionService)} - Request received - Payload: {JsonSerializer.Serialize(newPermission)}");

                if (newPermission == null) return BadRequest("Invalid permission object");

                if (string.IsNullOrEmpty(newPermission.Name)) return BadRequest("Invalid permission name");

                if (string.IsNullOrEmpty(newPermission.Description)) return BadRequest("Invalid permission description");

                return await Handle(() => cerberosServiceClient.UpdatePermissionService(newPermission, cancellationToken)).ConfigureAwait(false);
            }
            catch (Exception ex)
            {
                logger.LogError($"{nameof(UpdatePermissionService)} - An Error Occurred- {ex.Message} - {ex.InnerException} - {ex.StackTrace} - with payload {JsonSerializer.Serialize(newPermission)}");
                throw;
            }
        }

        /// <summary>
        /// Changes the status of the permission.
        /// </summary>
        [HttpPatch]
        [Route("ChangeStatus")]
        [ProducesResponseType(StatusCodes.Status200OK)]
        [ProducesResponseType(StatusCodes.Status204NoContent)]
        [ProducesResponseType(StatusCodes.Status400BadRequest)]
        [ProducesResponseType(StatusCodes.Status401Unauthorized)]
        [ProducesResponseType(typeof(Notification), StatusCodes.Status412PreconditionFailed)]
        [ProducesResponseType(typeof(Notification), StatusCodes.Status422UnprocessableEntity)]
        [ProducesResponseType(StatusCodes.Status500InternalServerError)]
        [Permission("PermissionManagement.Write")]
        public async Task<IActionResult> ChangePermissionStatusService([FromBody] ChangePermissionStatusRequest request, CancellationToken cancellationToken)
        {
            try
            {
                logger.LogInformation($"{nameof(ChangePermissionStatusService)} - Request received - Payload: {JsonSerializer.Serialize(request)}");

                if (string.IsNullOrEmpty(request.Id)) { return BadRequest("Invalid permission identifier"); }

                return await Handle(() => cerberosServiceClient.ChangePermissionStatusService(request, cancellationToken)).ConfigureAwait(false);
            }
            catch (Exception ex)
            {
                logger.LogError($"{nameof(ChangePermissionStatusService)} - An Error Occurred- {ex.Message} - {ex.InnerException} - {ex.StackTrace} - with payload {JsonSerializer.Serialize(request)}");
                throw;
            }
        }


    }
}