using Coscine.Api.Project.Models;
using Coscine.Api.Project.ReturnObjects;
using Coscine.ApiCommons;
using Coscine.ApiCommons.Factories;
using Microsoft.AspNetCore.Mvc;
using System;
using System.Linq;
using Coscine.Action;
using Coscine.Configuration;
using Coscine.Action.EventArgs;
using Microsoft.AspNetCore.Authorization;
using Newtonsoft.Json.Linq;
using Coscine.Database.Model;

namespace Coscine.Api.Project.Controllers
{
    [Authorize]
    public class ResourceController : Controller
    {
        private readonly Authenticator _authenticator;
        private readonly ResourceModel _resourceModel;
        private readonly IConfiguration _configuration;
        private readonly Emitter _emitter;

        public ResourceController()
        {
            _authenticator = new Authenticator(this, Program.Configuration);
            _configuration = Program.Configuration;
            _resourceModel = new ResourceModel();
            _emitter = new Emitter(this._configuration);
        }

        [Route("[controller]")]
        public IActionResult Index()
        {
            var user = _authenticator.GetUser();
            return Json(_resourceModel.GetAllWhere((resource) =>
                (from projectResource in resource.ProjectResourceResourceIdIds
                 where (from projectRole in projectResource.Project.ProjectRolesProjectIdIds
                        where projectRole.User == user
                        && (projectRole.Role.DisplayName == "Owner" || projectRole.Role.DisplayName == "Member")
                        select projectRole).Any()
                 select projectResource).Any()
            ).Select((resource) => _resourceModel.CreateReturnObjectFromDatabaseObject(resource)));
        }


        [HttpGet("[controller]/{id}")]
        public IActionResult Get(string id)
        {
            var resource = _resourceModel.GetById(Guid.Parse(id));
            var user = _authenticator.GetUser();
            if (_resourceModel.HasAccess(user, resource, UserRoles.Owner, UserRoles.Member))
            {
                _resourceModel.SetType(resource);
                return Json(_resourceModel.CreateReturnObjectFromDatabaseObject(resource));
            }
            else
            {
                return Unauthorized("User does not own resource!");
            }
        }

        [HttpGet("[controller]/resource/{id}/isCreator")]
        public IActionResult IsUserResourceCreator(string id)
        {
            Resource resource = _resourceModel.GetById(Guid.Parse(id));
            var user = _authenticator.GetUser();
            var json = new JObject
            {
                ["isResourceCreator"] = resource.Creator.Equals(user.Id)
            };
            return Json(json);
        }

        [HttpPost("[controller]/{id}")]
        public IActionResult Update(string id)
        {
            var resourceObject = ObjectFactory<ResourceObject>.DeserializeFromStream(Request.Body);
            var resource = _resourceModel.GetById(Guid.Parse(id));
            var user = _authenticator.GetUser();

            if (_resourceModel.HasAccess(user, resource, UserRoles.Owner) ||
                (_resourceModel.HasAccess(user, resource, UserRoles.Member) && resource.Creator.Equals(user.Id)))
            {
                return Json(_resourceModel.UpdateByObject(resource, resourceObject));
            }
            else
            {
                return Unauthorized("The user is not authorized to perform an update on the selected resource!");
            }
        }

        [HttpDelete("[controller]/{id}")]
        public IActionResult Delete(string id)
        {
            var resource = _resourceModel.GetById(Guid.Parse(id));
            var user = _authenticator.GetUser();
            if (_resourceModel.HasAccess(user, resource, UserRoles.Owner) ||
                (_resourceModel.HasAccess(user, resource, UserRoles.Member) && resource.Creator.Equals(user.Id)))
            {
                var returnObject = _resourceModel.CreateReturnObjectFromDatabaseObject(resource);
                _emitter.EmitResourceDelete(new ResourceEventArgs(_configuration)
                {
                    Resource = resource
                });
                _resourceModel.DeleteResource(resource);
                return Json(returnObject);
            }
            else
            {
                return Unauthorized("The user is not authorized to perform an update on the selected resource!");
            }
        }

        [HttpPost("[controller]/project/{projectId}")]
        public IActionResult StoreToProject(string projectId)
        {
            var resourceObject = ObjectFactory<ResourceObject>.DeserializeFromStream(Request.Body);
            var projectModel = new ProjectModel();
            var resourceTypeModel = new ResourceTypeModel();
            var isResourceEnabled = resourceTypeModel.GetById(resourceObject.Type.Id).Enabled;
            var project = projectModel.GetById(Guid.Parse(projectId));
            var user = _authenticator.GetUser();

            if (projectModel.HasAccess(user, project, UserRoles.Owner, UserRoles.Member))
            {
                if (!isResourceEnabled)
                {
                    return Unauthorized("The user is not authorized to add a new resource of this type to the selected project!");
                }
                resourceObject.Creator = user.Id;
                var resource = _resourceModel.StoreFromObject(resourceObject);
                projectModel.AddResource(project, resource);

                _emitter.EmitResourceCreate(new ResourceEventArgs(_configuration)
                {
                    Resource = resource
                });

                return Json(_resourceModel.CreateReturnObjectFromDatabaseObject(resource));
            }
            else
            {
                return Unauthorized("The user is not authorized to add a new resource to the selected project!");
            }
        }
    }
}