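package com.example.nto.controller;

import com.example.nto.model.dto.EmployeeDTO;
import com.example.nto.model.entity.Code;
import com.example.nto.model.entity.Employee;
import com.example.nto.service.EmployeeService;
import lombok.RequiredArgsConstructor;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletRequest;

/**
 * REST endpoints under {@code /api} for employee lookup, visit registration and
 * administrative account management. Every handler delegates to {@link EmployeeService}.
 *
 * <p>NOTE(review): the {@code @PreAuthorize} guards below are only enforced when method
 * security is enabled in the application's security configuration, which is not visible
 * from this file. Confirm it is enabled; otherwise the admin endpoints are protected only
 * by whatever URL rules exist.
 */
@RestController
@RequestMapping("/api")
@RequiredArgsConstructor
public class EmployeeController {

    private final EmployeeService employeeService;

    /**
     * Handles {@code GET /api/auth}.
     *
     * <p>The handler itself performs no credential check. Presumably the security filter
     * chain authenticates the request before it gets here, so a 200 means the credentials
     * were accepted (confirm against the security configuration).
     *
     * @return an empty {@code 200 OK} response
     */
    @GetMapping("/auth")
    public ResponseEntity<Void> authEmployee() {
        // Typed as ResponseEntity<Void> instead of the raw type; the response is unchanged.
        return ResponseEntity.ok().build();
    }

    /**
     * Handles {@code GET /api/info}: returns the DTO of the employee named by {@code login}.
     *
     * <p>The caller's identity is taken from the security context, not from the request,
     * and passed to the service together with the requested login.
     *
     * <p>NOTE(review): this assumes the route is reachable only by authenticated callers.
     * If it is not, {@code getAuthentication()} may return {@code null} and the call below
     * throws a {@code NullPointerException}.
     *
     * @param login login of the employee whose data is requested (client-supplied)
     * @return the DTO produced by {@link EmployeeService} for this requester/target pair
     */
    @GetMapping("/info")
    public EmployeeDTO info(@RequestParam final String login) {
        final Authentication requester = SecurityContextHolder.getContext().getAuthentication();
        // Whether the requester may see `login`'s data is decided by the service (not shown here).
        return employeeService.getEmployeeDTO(login, requester.getName());
    }

    /**
     * Handles {@code PATCH /api/open}: records a visit for {@code login} using the submitted code.
     *
     * <p>NOTE(review): unlike {@link #info(String)}, the authenticated principal is not
     * passed to the service here, so {@code login} is entirely client-controlled. Confirm
     * that the service or the security configuration stops an authenticated caller from
     * registering a visit on behalf of another employee; if it does not, compare
     * {@code login} with the authenticated principal before delegating.
     *
     * @param login login of the employee whose visit is updated (client-supplied)
     * @param code  request body carrying the code value
     */
    @PatchMapping("/open")
    public void open(@RequestParam final String login, @RequestBody final Code code) {
        employeeService.updateVisit(login, code.getValue());
    }

    /**
     * Handles {@code POST /api/add}: creates an employee. Requires {@code ROLE_ADMIN}.
     *
     * <p>NOTE(review): the request body is bound straight onto {@link Employee}, which by
     * its package appears to be a persistence entity. Any field the JSON mapper can set
     * (for example identifiers, roles or ban flags, if present) is then caller-supplied.
     * A dedicated request DTO with only the intended fields would narrow that surface.
     *
     * @param employee employee data deserialized from the request body
     */
    @PreAuthorize("hasAuthority('ROLE_ADMIN')")
    @PostMapping("/add")
    public void add(@RequestBody final Employee employee) {
        employeeService.addEmployee(employee);
    }

    /**
     * Handles {@code PUT /api/ban}: bans the employee with the given login.
     * Requires {@code ROLE_ADMIN}.
     *
     * @param login login of the employee to ban
     */
    @PreAuthorize("hasAuthority('ROLE_ADMIN')")
    @PutMapping("/ban")
    public void ban(@RequestParam final String login) {
        employeeService.banEmployee(login);
    }

    /**
     * Handles {@code PUT /api/unban}: lifts the ban from the employee with the given login.
     * Requires {@code ROLE_ADMIN}.
     *
     * @param login login of the employee to unban
     */
    @PreAuthorize("hasAuthority('ROLE_ADMIN')")
    @PutMapping("/unban")
    public void unban(@RequestParam final String login) {
        employeeService.unbanEmployee(login);
    }
}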