const express = require('express');
const router = express.Router();
const authMiddleware = require('../middleware/authMiddleware');
const AdminUserController = require('../controller/admin/AdminUserController');
const UserDocumentController = require('../controller/documents/UserDocumentController');
const ServerStatusController = require('../controller/admin/ServerStatusController');
const PasswordResetController = require('../controller/password-reset/PasswordResetController');

// Helper middleware to check admin role.
// Must run after authMiddleware, which is expected to populate req.user.
function requireAdmin(req, res, next) {
  if (!req.user || req.user.role !== 'admin') {
    return res.status(403).json({ success: false, message: 'Forbidden: Admins only.' });
  }
  next();
}

// Every admin route is guarded by authMiddleware first, then requireAdmin.
router.get('/admin/user-stats', authMiddleware, requireAdmin, AdminUserController.getUserStats);
router.get('/admin/user-list', authMiddleware, requireAdmin, AdminUserController.getUserList);
router.get('/admin/verification-pending-users', authMiddleware, requireAdmin, AdminUserController.getVerificationPendingUsers);
router.post('/admin/verify-user/:id', authMiddleware, requireAdmin, AdminUserController.verifyUser);
router.get('/admin/user/:id/documents', authMiddleware, requireAdmin, UserDocumentController.getAllDocumentsForUser);
router.get('/admin/server-status', authMiddleware, requireAdmin, ServerStatusController.getStatus);

// PUT /admin/users/:id/permissions - update user permissions
router.put(
  '/admin/users/:id/permissions',
  authMiddleware,
  requireAdmin,
  AdminUserController.updateUserPermissions
);

// Admin: send password reset link for a user
router.post(
  '/admin/send-password-reset/:userId',
  authMiddleware,
  requireAdmin,
  async (req, res) => {
    // Find user by ID and get their email
    const userId = req.params.userId;
    const UnitOfWork = require('../repositories/UnitOfWork');
    const PersonalUserRepository = require('../repositories/PersonalUserRepository');
    const CompanyUserRepository = require('../repositories/CompanyUserRepository');
    const uow = new UnitOfWork();
    let user = null;
    let email = null;
    try {
      await uow.start();
      const personalRepo = new PersonalUserRepository(uow);
      const companyRepo = new CompanyUserRepository(uow);
      // Look in personal users first, then fall back to company users
      user = await personalRepo.findById(userId);
      if (!user) user = await companyRepo.findById(userId);
      if (!user) {
        await uow.rollback();
        return res.status(404).json({ success: false, message: 'User not found.' });
      }
      email = user.email;
      await uow.commit();
    } catch (err) {
      await uow.rollback();
      // Log error details server-side; the client only gets a generic message
      console.error('[ADMIN SEND PASSWORD RESET] Error:', err);
      return res.status(500).json({ success: false, message: 'Internal server error.' });
    }
    // Call the password reset controller.
    // The request body is replaced, so the controller only sees the email
    // looked up from the stored user record.
    req.body = { email };
    return PasswordResetController.requestPasswordReset(req, res);
  }
);

// Admin: delete a user
router.delete(
  '/admin/user/:id',
  authMiddleware,
  requireAdmin,
  AdminUserController.deleteUser
);

module.exports = router;