package api

import (
	"encoding/json"
	"net/http"

	"github.com/julienschmidt/httprouter"
	"github.com/notherealmarco/WASAPhoto/service/api/authorization"
	"github.com/notherealmarco/WASAPhoto/service/api/helpers"
	"github.com/notherealmarco/WASAPhoto/service/api/reqcontext"
	"github.com/notherealmarco/WASAPhoto/service/database"
)

func (rt *_router) GetUserBans(w http.ResponseWriter, r *http.Request, ps httprouter.Params, ctx reqcontext.RequestContext) {

	// Get user id
	uid := ps.ByName("user_id")

	if !authorization.SendAuthorizationError(ctx.Auth.UserAuthorized, uid, rt.db, w, rt.baseLogger, http.StatusNotFound) {
		// A user should not be able to see other users' bans
		return
	}

	// Get limits, or use default values
	start_index, limit, err := helpers.GetLimits(r.URL.Query())

	if err != nil {
		// Send error if the limits are specified but invalid
		helpers.SendBadRequest(w, "Invalid start_index or limit value", rt.baseLogger)
		return
	}

	// Get bans
	// We don't need to check if the user exists, because the authorization middleware already did that
	bans, err := rt.db.GetUserBans(uid, start_index, limit)

	if err != nil {
		helpers.SendInternalError(err, "Database error: GetUserBans", w, rt.baseLogger)
		return
	}

	// Return ban list
	w.Header().Set("Content-Type", "application/json")
	w.WriteHeader(http.StatusOK) // is it needed?

	err = json.NewEncoder(w).Encode(bans) // write the response

	if err != nil {
		helpers.SendInternalError(err, "Error encoding json", w, rt.baseLogger)
		return
	}
}

func (rt *_router) PutBan(w http.ResponseWriter, r *http.Request, ps httprouter.Params, ctx reqcontext.RequestContext) {

	uid := ps.ByName("user_id")
	banned := ps.ByName("ban_uid")

	// send error if the user has no permission to perform this action
	if !authorization.SendAuthorizationError(ctx.Auth.UserAuthorized, uid, rt.db, w, rt.baseLogger, http.StatusNotFound) {
		return
	}

	if uid == banned {
		helpers.SendBadRequest(w, "You cannot ban yourself", rt.baseLogger)
		return
	}

	// Execute the query
	status, err := rt.db.BanUser(uid, banned)

	if err != nil {
		helpers.SendInternalError(err, "Database error: BanUser", w, rt.baseLogger)
		return
	}

	if status == database.ERR_NOT_FOUND {
		helpers.SendBadRequest(w, "You are trying to ban a non-existent user", rt.baseLogger)
		return
	}

	if status == database.ERR_EXISTS {
		w.WriteHeader(http.StatusNoContent)
		return
	}

	// Removes the banning user to the banned user's followers (if present)
	_, err = rt.db.UnfollowUser(banned, uid)

	if err != nil {
		helpers.SendInternalError(err, "Database error: UnfollowUser", w, rt.baseLogger)
	}

	helpers.SendStatus(http.StatusCreated, w, "Success", rt.baseLogger)
}

func (rt *_router) DeleteBan(w http.ResponseWriter, r *http.Request, ps httprouter.Params, ctx reqcontext.RequestContext) {
	uid := ps.ByName("user_id")
	banned := ps.ByName("ban_uid")

	// send error if the user has no permission to perform this action
	if !authorization.SendAuthorizationError(ctx.Auth.UserAuthorized, uid, rt.db, w, rt.baseLogger, http.StatusNotFound) {
		return
	}

	// Execute the query
	status, err := rt.db.UnbanUser(uid, banned)

	if err != nil {
		helpers.SendInternalError(err, "Database error: UnbanUser", w, rt.baseLogger)
		return
	}

	if status == database.ERR_NOT_FOUND {
		helpers.SendNotFound(w, "User not banned", rt.baseLogger)
		return
	}

	w.WriteHeader(http.StatusNoContent)
}