using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Authorization;
using System.Collections.Generic;
using Microsoft.AspNetCore.Http;
using Oqtane.Shared;
using Oqtane.Enums;
using Oqtane.Infrastructure;
using SZUAbsolventenverein.Module.AdminModules.Services;
using Oqtane.Controllers;
using System.Net;
using System.Threading.Tasks;

namespace SZUAbsolventenverein.Module.AdminModules.Controllers
{
    [Route(ControllerRoutes.ApiRoute)]
    public class AdminModulesController : ModuleControllerBase
    {
        private readonly IAdminModulesService _AdminModulesService;

        public AdminModulesController(IAdminModulesService AdminModulesService, ILogManager logger, IHttpContextAccessor accessor) : base(logger, accessor)
        {
            _AdminModulesService = AdminModulesService;
        }

        // GET: api/<controller>?moduleid=x
        [HttpGet]
        [Authorize(Policy = PolicyNames.ViewModule)]
        public async Task<IEnumerable<Models.AdminModules>> Get(string moduleid)
        {
            int ModuleId;
            if (int.TryParse(moduleid, out ModuleId) && IsAuthorizedEntityId(EntityNames.Module, ModuleId))
            {
                return await _AdminModulesService.GetAdminModulessAsync(ModuleId);
            }
            else
            {
                _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized AdminModules Get Attempt {ModuleId}", moduleid);
                HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
                return null;
            }
        }

        // GET api/<controller>/5
        [HttpGet("{id}/{moduleid}")]
        [Authorize(Policy = PolicyNames.ViewModule)]
        public async Task<Models.AdminModules> Get(int id, int moduleid)
        {
            Models.AdminModules AdminModules = await _AdminModulesService.GetAdminModulesAsync(id, moduleid);
            if (AdminModules != null && IsAuthorizedEntityId(EntityNames.Module, AdminModules.ModuleId))
            {
                return AdminModules;
            }
            else
            { 
                _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized AdminModules Get Attempt {AdminModulesId} {ModuleId}", id, moduleid);
                HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
                return null;
            }
        }

        // POST api/<controller>
        [HttpPost]
        [Authorize(Policy = PolicyNames.EditModule)]
        public async Task<Models.AdminModules> Post([FromBody] Models.AdminModules AdminModules)
        {
            if (ModelState.IsValid && IsAuthorizedEntityId(EntityNames.Module, AdminModules.ModuleId))
            {
                AdminModules = await _AdminModulesService.AddAdminModulesAsync(AdminModules);
            }
            else
            {
                _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized AdminModules Post Attempt {AdminModules}", AdminModules);
                HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
                AdminModules = null;
            }
            return AdminModules;
        }

        // PUT api/<controller>/5
        [HttpPut("{id}")]
        [Authorize(Policy = PolicyNames.EditModule)]
        public async Task<Models.AdminModules> Put(int id, [FromBody] Models.AdminModules AdminModules)
        {
            if (ModelState.IsValid && AdminModules.AdminModulesId == id && IsAuthorizedEntityId(EntityNames.Module, AdminModules.ModuleId))
            {
                AdminModules = await _AdminModulesService.UpdateAdminModulesAsync(AdminModules);
            }
            else
            {
                _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized AdminModules Put Attempt {AdminModules}", AdminModules);
                HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
                AdminModules = null;
            }
            return AdminModules;
        }

        // DELETE api/<controller>/5
        [HttpDelete("{id}/{moduleid}")]
        [Authorize(Policy = PolicyNames.EditModule)]
        public async Task Delete(int id, int moduleid)
        {
            Models.AdminModules AdminModules = await _AdminModulesService.GetAdminModulesAsync(id, moduleid);
            if (AdminModules != null && IsAuthorizedEntityId(EntityNames.Module, AdminModules.ModuleId))
            {
                await _AdminModulesService.DeleteAdminModulesAsync(id, AdminModules.ModuleId);
            }
            else
            {
                _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized AdminModules Delete Attempt {AdminModulesId} {ModuleId}", id, moduleid);
                HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
            }
        }

        // GET api/<controller>/5/roles
        [HttpGet("roles/{id}")]
        [Authorize(Policy = PolicyNames.EditModule)]
        public async Task<int> GetUserCount(int id, [FromBody] Models.EmailFields EmailFields)
        {
            if (ModelState.IsValid && EmailFields.AdminModulesId == id && IsAuthorizedEntityId(EntityNames.Module, EmailFields.ModuleId))
            {
                return await _AdminModulesService.GetUsercountInRole(EmailFields);
            }
            else
            {
                _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized AdminModules Put Attempt {AdminModules}", EmailFields);
                HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
                EmailFields = null;
                return -1;
            }
        }
    }
}