import { Controller, Param, Post, Request, Res, UseGuards } from '@nestjs/common';
import type { Response, Request as ExpressRequest } from 'express';
import { JwtAuthGuard } from '@modules/organization/auth/guards/jwt-auth.guard';
import { SkipTransform } from '@common/decorators/skip-transform.decorator';
import { MeetingPtoMarkingService } from '../services/meeting-pto-marking.service';
import { handleMeetingAttendanceError } from '../errors/handle-controller-error';
import { getMeetingRoleFromUser, isMeetingAdminRole } from '../utils/meeting-roles';

/**
 * 会议级 PTO 标记接口（手动触发）。
 * 仅会议管理员（Administrator / MeetingManager）可调用。
 *
 * 自动触发版本走 MeetingsService.create / update 内部钩子，不通过此 controller。
 */
@Controller('meeting-attendance/meetings')
@SkipTransform()
@UseGuards(JwtAuthGuard)
export class MeetingAttendancePtoController {
  constructor(private readonly ptoMarking: MeetingPtoMarkingService) {}

  @Post(':meetingId/apply-pto')
  async applyPto(
    @Param('meetingId') meetingId: string,
    @Request() req: ExpressRequest,
    @Res() res: Response,
  ) {
    try {
      const actor = await this.requireMeetingAdmin(req, res);
      if (!actor) return res;

      const result = await this.ptoMarking.applyForMeeting(meetingId, actor as any, req);
      return res.status(200).json(result);
    } catch (error) {
      return handleMeetingAttendanceError(res, error, 'Failed to apply PTO');
    }
  }

  private async requireMeetingAdmin(req: ExpressRequest, res: Response) {
    const user = req.user as
      | { userId?: string; id?: string; email?: string; displayName?: string; roles?: any[] }
      | undefined;
    if (!user?.userId && !user?.id) {
      res.status(401).json({ error: 'Unauthorized' });
      return null;
    }

    const role = getMeetingRoleFromUser(user as any);
    if (!isMeetingAdminRole(role)) {
      res
        .status(403)
        .json({ error: 'Insufficient permissions. Only meeting administrators can apply PTO marking.' });
      return null;
    }

    return user;
  }
}