import {
  Controller,
  Get,
  Post,
  Patch,
  Delete,
  Param,
  Body,
  Query,
  Request,
  Res,
  Header,
} from '@nestjs/common';
import type { Response } from 'express';
import type { Request as ExpressRequest } from 'express';
import { RequirePermissions } from '@common/decorators/permissions.decorator';
import { CheckpointService } from '../services/checkpoint.service';
import { CheckinService } from '../services/checkin.service';
import { CreateCheckpointDto, UpdateCheckpointDto } from '../dto/checkpoint.dto';

@Controller('site-attendance/checkpoints')
export class SiteAttendanceCheckpointController {
  constructor(
    private readonly checkpointService: CheckpointService,
    private readonly checkinService: CheckinService,
  ) {}

  // --- Admin endpoints ---

  @Get()
  @RequirePermissions('site-attendance:checkpoint:manage')
  async listCheckpoints() {
    const checkpoints = await this.checkpointService.findAll();
    return { checkpoints };
  }

  @Post()
  @RequirePermissions('site-attendance:checkpoint:manage')
  async createCheckpoint(
    @Body() dto: CreateCheckpointDto,
    @Request() req: ExpressRequest,
  ) {
    const user = req.user as { userId?: string; id?: string } | undefined;
    const userId = user?.userId ?? user?.id;
    return this.checkpointService.create(dto, userId!);
  }

  @Get(':id')
  @RequirePermissions('site-attendance:checkpoint:manage')
  async getCheckpoint(@Param('id') id: string) {
    return this.checkpointService.findById(id);
  }

  @Patch(':id')
  @RequirePermissions('site-attendance:checkpoint:manage')
  async updateCheckpoint(
    @Param('id') id: string,
    @Body() dto: UpdateCheckpointDto,
  ) {
    return this.checkpointService.update(id, dto);
  }

  @Delete(':id')
  @RequirePermissions('site-attendance:checkpoint:manage')
  async deleteCheckpoint(@Param('id') id: string) {
    await this.checkpointService.remove(id);
    return { message: 'Checkpoint deleted' };
  }

  // --- Admin query endpoints ---

  @Get(':id/events')
  @RequirePermissions('site-attendance:records:read')
  async getCheckpointEvents(
    @Param('id') id: string,
    @Query('date') date?: string,
    @Query('page') page?: string,
    @Query('pageSize') pageSize?: string,
    @Query('userName') userName?: string,
    @Query('eventType') eventType?: string,
    @Query('lang') lang?: string,
  ) {
    return this.checkinService.getCheckpointEvents(
      id,
      date,
      page ? parseInt(page, 10) : 1,
      pageSize ? parseInt(pageSize, 10) : 50,
      userName,
      eventType,
      lang,
    );
  }

  @Get(':id/events/export')
  @RequirePermissions('site-attendance:records:read')
  async exportCheckpointEvents(
    @Param('id') id: string,
    @Res() res: Response,
    @Query('date') date?: string,
    @Query('lang') lang?: string,
  ) {
    try {
      const csv = await this.checkinService.exportEvents(id, date, lang);
      res.setHeader('Content-Type', 'text/csv; charset=utf-8');
      res.setHeader('Content-Disposition', `attachment; filename=attendance-${date || 'today'}.csv`);
      res.send('\uFEFF' + csv);
    } catch (err: any) {
      res.status(err.status ?? 500).json({ error: err.message ?? 'Export failed' });
    }
  }

  @Get(':id/today-summary')
  @RequirePermissions('site-attendance:records:read')
  async getTodaySummary(@Param('id') id: string) {
    return this.checkinService.getTodaySummary(id);
  }
}