import {
  Controller,
  Get,
  Post,
  Put,
  Delete,
  Body,
  Param,
  Query,
  UseGuards,
  ParseUUIDPipe,
} from '@nestjs/common';
import { PositionsService } from './positions.service';
import { CreatePositionDto, UpdatePositionDto, PositionQueryDto } from './dto/position.dto';
import { PermissionsGuard } from '../auth/guards/permissions.guard';
import { RequirePermissions } from '@common/decorators/permissions.decorator';
import { Auditable, Sensitive } from '@core/observability/audit/decorators/auditable.decorator';

@Controller('positions')
export class PositionsController {
  constructor(private readonly positionsService: PositionsService) {}

  /**
   * Get position list
   */
  @Get()
  async findAll(@Query() query: PositionQueryDto) {
    return this.positionsService.findAll(query);
  }

  /**
   * Get position by ID
   */
  @Get(':id')
  async findOne(@Param('id', ParseUUIDPipe) id: string) {
    return this.positionsService.findOne(id);
  }

  /**
   * Create position
   * Scope: organization - 只能在本组织创建岗位
   */
  @Post()
  @Auditable()
  @RequirePermissions('position:create')
  async create(@Body() createPositionDto: CreatePositionDto) {
    return this.positionsService.create(createPositionDto);
  }

  /**
   * Update position
   * Scope: organization - 只能更新本组织岗位
   */
  @Put(':id')
  @Auditable()
  @Sensitive()
  @RequirePermissions('position:update')
  async update(
    @Param('id', ParseUUIDPipe) id: string,
    @Body() updatePositionDto: UpdatePositionDto,
  ) {
    return this.positionsService.update(id, updatePositionDto);
  }

  /**
   * Delete position
   * Scope: organization - 只能删除本组织岗位
   */
  @Delete(':id')
  @Auditable()
  @Sensitive()
  @RequirePermissions('position:delete')
  async remove(@Param('id', ParseUUIDPipe) id: string) {
    return this.positionsService.remove(id);
  }
}