using System.Threading.Tasks;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Routing;
using Microsoft.AspNetCore.Authorization;

using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Logging;
using AyaNova.Models;
using AyaNova.Api.ControllerHelpers;
using AyaNova.Biz;


namespace AyaNova.Api.Controllers
{

    [ApiController]
    [ApiVersion("8.0")]
    [Route("api/v{version:apiVersion}/[controller]")]
    [Produces("application/json")]
    [Authorize]
    public class ContractController : ControllerBase
    {
        private readonly AyContext ct;
        private readonly ILogger<ContractController> log;
        private readonly ApiServerState serverState;


        /// <summary>
        /// ctor
        /// </summary>
        /// <param name="dbcontext"></param>
        /// <param name="logger"></param>
        /// <param name="apiServerState"></param>  
        public ContractController(AyContext dbcontext, ILogger<ContractController> logger, ApiServerState apiServerState)
        {
            ct = dbcontext;
            log = logger;
            serverState = apiServerState;
        }


        /// <summary>
        /// Get full Contract object
        /// </summary>
        /// <param name="id"></param>
        /// <returns>A single Contract</returns>
        [HttpGet("{id}")]
        public async Task<IActionResult> GetContract([FromRoute] long id)
        {
            if (!serverState.IsOpen)
                return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));

            //Instantiate the business object handler
            ContractBiz biz = ContractBiz.GetBiz(ct, HttpContext);

            //NOTE: This is the first check and often the only check but in some cases with some objects this will also need to check biz object rules 
            if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType))
                return StatusCode(403, new ApiNotAuthorizedResponse());

            if (!ModelState.IsValid)
                return BadRequest(new ApiErrorResponse(ModelState));

            var o = await biz.GetAsync(id);
            if (o == null)
                return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));

            // NOTE: HERE would be the second check of biz rules before returning the object
            // in cases where there is also a business rule to affect retrieval on top of basic rights

            return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType)));
        }



        /// <summary>
        /// Put (update) Contract
        /// </summary>
        /// <param name="id"></param>
        /// <param name="inObj"></param>
        /// <returns></returns>
        [HttpPut("{id}")]
        public async Task<IActionResult> PutContract([FromRoute] long id, [FromBody] Contract inObj)
        {
            if (!serverState.IsOpen)
                return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));

            if (!ModelState.IsValid)
                return BadRequest(new ApiErrorResponse(ModelState));

            //Instantiate the business object handler       
            ContractBiz biz = ContractBiz.GetBiz(ct, HttpContext);

            var o = await biz.GetAsync(id, false);
            if (o == null)
                return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));

            if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType))
                return StatusCode(403, new ApiNotAuthorizedResponse());

            try
            {
                if (!await biz.PutAsync(o, inObj))
                    return BadRequest(new ApiErrorResponse(biz.Errors));
            }
            catch (DbUpdateConcurrencyException)
            {
                if (!await biz.ExistsAsync(id))
                    return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
                else
                    return StatusCode(409, new ApiErrorResponse(ApiErrorCode.CONCURRENCY_CONFLICT));
            }
            return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));
        }


        /// <summary>
        /// Create Contract
        /// </summary>
        /// <param name="inObj"></param>
        /// <param name="apiVersion">From route path</param>
        /// <returns></returns>
        [HttpPost]
        public async Task<IActionResult> PostContract([FromBody] Contract inObj, ApiVersion apiVersion)
        {
            if (!serverState.IsOpen)
                return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));

            //Instantiate the business object handler
            ContractBiz biz = ContractBiz.GetBiz(ct, HttpContext);

            //If a user has change roles
            if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType))
                return StatusCode(403, new ApiNotAuthorizedResponse());

            if (!ModelState.IsValid)
                return BadRequest(new ApiErrorResponse(ModelState));

            //Create and validate
            Contract o = await biz.CreateAsync(inObj);
            if (o == null)
                return BadRequest(new ApiErrorResponse(biz.Errors));
            else
                return CreatedAtAction(nameof(ContractController.GetContract), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o));


        }

        /// <summary>
        /// Duplicate Contract
        /// </summary>
        /// <param name="id">Create a duplicate of this items id</param>
        /// <param name="apiVersion">From route path</param>
        /// <returns></returns>
        [HttpPost("duplicate/{id}")]
        public async Task<IActionResult> DuplicateContract([FromRoute] long id, ApiVersion apiVersion)
        {
            if (!serverState.IsOpen)
                return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));

            //Instantiate the business object handler
            ContractBiz biz = ContractBiz.GetBiz(ct, HttpContext);

            //If a user has change roles
            if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType))
                return StatusCode(403, new ApiNotAuthorizedResponse());

            if (!ModelState.IsValid)
                return BadRequest(new ApiErrorResponse(ModelState));

            var oSrc = await biz.GetAsync(id, false);
            if (oSrc == null)
                return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));

            //Create and validate
            Contract o = await biz.DuplicateAsync(oSrc);
            if (o == null)
                return BadRequest(new ApiErrorResponse(biz.Errors));
            else
                return CreatedAtAction(nameof(ContractController.GetContract), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o));

        }



        /// <summary>
        /// Delete Contract
        /// </summary>
        /// <param name="id"></param>
        /// <returns>Ok</returns>
        [HttpDelete("{id}")]
        public async Task<IActionResult> DeleteContract([FromRoute] long id)
        {
            if (!serverState.IsOpen)
                return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));

            if (!ModelState.IsValid)
                return BadRequest(new ApiErrorResponse(ModelState));

            //Instantiate the business object handler
            ContractBiz biz = ContractBiz.GetBiz(ct, HttpContext);

            var o = await biz.GetAsync(id, false);
            if (o == null)
                return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));

            if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType))
                return StatusCode(403, new ApiNotAuthorizedResponse());

            if (!await biz.DeleteAsync(o))
                return BadRequest(new ApiErrorResponse(biz.Errors));

            return NoContent();
        }





        //------------


    }//eoc
}//eons