using FluentValidation;
using Microsoft.AspNetCore.Mvc;
using Meezi.API.Models.Tables;
using Meezi.API.Services;
using Meezi.Core.Authorization;
using Meezi.Core.Enums;
using Meezi.Core.Interfaces;
using Meezi.Shared;

namespace Meezi.API.Controllers;

[Route("api/cafes/{cafeId}/branches/{branchId}/tables")]
public class BranchTablesController : CafeApiControllerBase
{
    private readonly ITableService _tables;
    private readonly IValidator<CreateBranchTableRequest> _createTableValidator;
    private readonly IValidator<PatchBranchTableRequest> _patchTableValidator;
    private readonly IValidator<CreateTableSectionRequest> _createSectionValidator;
    private readonly IValidator<PatchTableSectionRequest> _patchSectionValidator;
    private readonly IValidator<SetTableCleaningRequest> _cleaningValidator;

    public BranchTablesController(
        ITableService tables,
        IValidator<CreateBranchTableRequest> createTableValidator,
        IValidator<PatchBranchTableRequest> patchTableValidator,
        IValidator<CreateTableSectionRequest> createSectionValidator,
        IValidator<PatchTableSectionRequest> patchSectionValidator,
        IValidator<SetTableCleaningRequest> cleaningValidator)
    {
        _tables = tables;
        _createTableValidator = createTableValidator;
        _patchTableValidator = patchTableValidator;
        _createSectionValidator = createSectionValidator;
        _patchSectionValidator = patchSectionValidator;
        _cleaningValidator = cleaningValidator;
    }

    [HttpGet("board")]
    public async Task<IActionResult> GetBoard(
        string cafeId,
        string branchId,
        ITenantContext tenant,
        [FromQuery] bool activeOnly = true,
        CancellationToken ct = default)
    {
        if (EnsureCafeAccess(cafeId, tenant) is { } denied) return denied;
        if (!await _tables.CanAccessBranchAsync(cafeId, branchId, tenant.UserId, tenant.Role, ct))
            return Forbid();

        var data = await _tables.GetBranchTableBoardAsync(cafeId, branchId, activeOnly, ct);
        return Ok(new ApiResponse<IReadOnlyList<TableBoardDto>>(true, data));
    }

    [HttpGet]
    public async Task<IActionResult> GetTables(
        string cafeId,
        string branchId,
        ITenantContext tenant,
        CancellationToken ct = default)
    {
        if (EnsureCafeAccess(cafeId, tenant) is { } denied) return denied;
        if (!await _tables.CanAccessBranchAsync(cafeId, branchId, tenant.UserId, tenant.Role, ct))
            return Forbid();

        var data = await _tables.GetBranchTablesAsync(cafeId, branchId, ct);
        if (data is null) return NotFoundError("Branch not found.");
        return Ok(new ApiResponse<IReadOnlyList<TableDto>>(true, data));
    }

    [HttpPost]
    public async Task<IActionResult> CreateTable(
        string cafeId,
        string branchId,
        [FromBody] CreateBranchTableRequest request,
        ITenantContext tenant,
        CancellationToken ct)
    {
        if (EnsureCafeAccess(cafeId, tenant) is { } denied) return denied;
        if (EnsurePermission(tenant, Permission.ManageTables) is { } permDenied) return permDenied;
        if (!await _tables.CanAccessBranchAsync(cafeId, branchId, tenant.UserId, tenant.Role, ct))
            return Forbid();

        var validation = await _createTableValidator.ValidateAsync(request, ct);
        if (!validation.IsValid) return BadRequest(ValidationError(validation));

        var result = await _tables.CreateBranchTableAsync(cafeId, branchId, request, ct);
        return BranchOpResult(result);
    }

    [HttpPatch("{id}")]
    public async Task<IActionResult> PatchTable(
        string cafeId,
        string branchId,
        string id,
        [FromBody] PatchBranchTableRequest request,
        ITenantContext tenant,
        CancellationToken ct)
    {
        if (EnsureCafeAccess(cafeId, tenant) is { } denied) return denied;
        if (EnsurePermission(tenant, Permission.ManageTables) is { } permDenied) return permDenied;
        if (!await _tables.CanAccessBranchAsync(cafeId, branchId, tenant.UserId, tenant.Role, ct))
            return Forbid();

        var validation = await _patchTableValidator.ValidateAsync(request, ct);
        if (!validation.IsValid) return BadRequest(ValidationError(validation));

        var result = await _tables.PatchBranchTableAsync(cafeId, branchId, id, request, ct);
        return BranchOpResult(result);
    }

    [HttpDelete("{id}")]
    public async Task<IActionResult> DeleteTable(
        string cafeId,
        string branchId,
        string id,
        ITenantContext tenant,
        CancellationToken ct)
    {
        if (EnsureCafeAccess(cafeId, tenant) is { } denied) return denied;
        if (EnsurePermission(tenant, Permission.ManageTables) is { } permDenied) return permDenied;
        if (!await _tables.CanAccessBranchAsync(cafeId, branchId, tenant.UserId, tenant.Role, ct))
            return Forbid();

        var result = await _tables.DeleteBranchTableAsync(cafeId, branchId, id, ct);
        return BranchOpResult(result);
    }

    [HttpPatch("{id}/cleaning")]
    public async Task<IActionResult> SetCleaning(
        string cafeId,
        string branchId,
        string id,
        [FromBody] SetTableCleaningRequest request,
        ITenantContext tenant,
        CancellationToken ct)
    {
        if (EnsureCafeAccess(cafeId, tenant) is { } denied) return denied;
        if (EnsurePermission(tenant, Permission.ManageTables) is { } permDenied) return permDenied;
        if (!await _tables.CanAccessBranchAsync(cafeId, branchId, tenant.UserId, tenant.Role, ct))
            return Forbid();

        var validation = await _cleaningValidator.ValidateAsync(request, ct);
        if (!validation.IsValid) return BadRequest(ValidationError(validation));

        var data = await _tables.SetTableCleaningAsync(cafeId, id, request.IsCleaning, ct);
        if (data is null || data.BranchId != branchId) return NotFoundError();
        return Ok(new ApiResponse<TableBoardDto>(true, data));
    }

    [HttpGet("{id}/qr")]
    public async Task<IActionResult> GetQrPng(
        string cafeId,
        string branchId,
        string id,
        ITenantContext tenant,
        CancellationToken ct)
    {
        if (EnsureCafeAccess(cafeId, tenant) is { } denied) return denied;
        if (!await _tables.CanAccessBranchAsync(cafeId, branchId, tenant.UserId, tenant.Role, ct))
            return Forbid();

        var png = await _tables.GetQrPngAsync(cafeId, id, ct);
        if (png is null) return NotFoundError();
        return File(png, "image/png", $"table-{id}-qr.png");
    }

    [HttpGet("sections")]
    public async Task<IActionResult> GetSections(
        string cafeId,
        string branchId,
        ITenantContext tenant,
        CancellationToken ct = default)
    {
        if (EnsureCafeAccess(cafeId, tenant) is { } denied) return denied;
        if (!await _tables.CanAccessBranchAsync(cafeId, branchId, tenant.UserId, tenant.Role, ct))
            return Forbid();

        var data = await _tables.GetBranchSectionsAsync(cafeId, branchId, ct);
        if (data is null) return NotFoundError("Branch not found.");
        return Ok(new ApiResponse<IReadOnlyList<TableSectionDto>>(true, data));
    }

    [HttpPost("sections")]
    public async Task<IActionResult> CreateSection(
        string cafeId,
        string branchId,
        [FromBody] CreateTableSectionRequest request,
        ITenantContext tenant,
        CancellationToken ct = default)
    {
        if (EnsureCafeAccess(cafeId, tenant) is { } denied) return denied;
        if (EnsurePermission(tenant, Permission.ManageTables) is { } permDenied) return permDenied;
        if (!await _tables.CanAccessBranchAsync(cafeId, branchId, tenant.UserId, tenant.Role, ct))
            return Forbid();

        var validation = await _createSectionValidator.ValidateAsync(request, ct);
        if (!validation.IsValid) return BadRequest(ValidationError(validation));

        var result = await _tables.CreateBranchSectionAsync(cafeId, branchId, request, ct);
        return BranchOpResult(result);
    }

    [HttpPatch("sections/{sectionId}")]
    public async Task<IActionResult> PatchSection(
        string cafeId,
        string branchId,
        string sectionId,
        [FromBody] PatchTableSectionRequest request,
        ITenantContext tenant,
        CancellationToken ct = default)
    {
        if (EnsureCafeAccess(cafeId, tenant) is { } denied) return denied;
        if (EnsurePermission(tenant, Permission.ManageTables) is { } permDenied) return permDenied;
        if (!await _tables.CanAccessBranchAsync(cafeId, branchId, tenant.UserId, tenant.Role, ct))
            return Forbid();

        var validation = await _patchSectionValidator.ValidateAsync(request, ct);
        if (!validation.IsValid) return BadRequest(ValidationError(validation));

        var result = await _tables.PatchBranchSectionAsync(cafeId, branchId, sectionId, request, ct);
        return BranchOpResult(result);
    }

    [HttpDelete("sections/{sectionId}")]
    public async Task<IActionResult> DeleteSection(
        string cafeId,
        string branchId,
        string sectionId,
        ITenantContext tenant,
        CancellationToken ct = default)
    {
        if (EnsureCafeAccess(cafeId, tenant) is { } denied) return denied;
        if (EnsurePermission(tenant, Permission.ManageTables) is { } permDenied) return permDenied;
        if (!await _tables.CanAccessBranchAsync(cafeId, branchId, tenant.UserId, tenant.Role, ct))
            return Forbid();

        var result = await _tables.DeleteBranchSectionAsync(cafeId, branchId, sectionId, ct);
        return BranchOpResult(result);
    }

    private IActionResult BranchOpResult<T>(BranchTableOperationResult<T> result)
    {
        if (result.Success && result.Data is not null)
            return Ok(new ApiResponse<T>(true, result.Data));

        var code = result.ErrorCode ?? "REQUEST_FAILED";
        var status = code is "TABLE_HAS_OPEN_ORDER" or "TABLE_SECTION_HAS_TABLES"
            ? StatusCodes.Status409Conflict
            : StatusCodes.Status400BadRequest;
        return StatusCode(status,
            new ApiResponse<object>(false, null, new ApiError(code, result.Message ?? code)));
    }

}