using System.Security.Claims;
using FlatRender.ContentSvc.Application.Services;
using FlatRender.ContentSvc.Models;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

namespace FlatRender.ContentSvc.Controllers;

[ApiController]
[Route("v1/ai")]
[Authorize]
public class AiController(AiContentService svc) : ControllerBase
{
    private Guid TenantId =>
        Guid.TryParse(User.FindFirstValue("tenant_id"), out var t) ? t : AiContentService.DefaultTenant;

    private bool IsAdmin =>
        string.Equals(User.FindFirstValue("is_admin"), "true", StringComparison.OrdinalIgnoreCase) ||
        string.Equals(User.FindFirstValue("is_tenant_admin"), "true", StringComparison.OrdinalIgnoreCase);

    [HttpGet("settings")]
    public async Task<IActionResult> GetSettings()
    {
        if (!IsAdmin) return Forbidden();
        return Ok(await svc.GetSettingsAsync(TenantId));
    }

    [HttpPut("settings")]
    public async Task<IActionResult> UpdateSettings([FromBody] UpdateAiSettingsRequest req)
    {
        if (!IsAdmin) return Forbidden();
        return Ok(await svc.UpdateSettingsAsync(TenantId, req));
    }

    [HttpPost("seo-post")]
    public async Task<IActionResult> GenerateSeoPost([FromBody] GenerateSeoPostRequest req, CancellationToken ct)
    {
        if (!IsAdmin) return Forbidden();
        try
        {
            return Ok(await svc.GenerateSeoPostAsync(TenantId, req, ct));
        }
        catch (AiConfigException ex)
        {
            return BadRequest(new { error = new { code = "ai_error", message = ex.Message } });
        }
    }

    private IActionResult Forbidden() =>
        StatusCode(403, new { error = new { code = "forbidden", message = "Admin access required." } });
}