// ***********************************************************************
// <copyright file="RoleController.cs">
//     Heath
// </copyright>
// ***********************************************************************
using Asp.Versioning;
using Core.Cerberos.Adapters;
using Core.Cerberos.Adapters.Attributes;
using Core.Cerberos.Adapters.Common.Constants;
using Core.Cerberos.Adapters.Common.Enums;
using Core.Cerberos.Domain.Contexts.Onboarding.Request;
using Core.Cerberos.Provider.Contracts;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

namespace LSA.Core.Kerberos.API.Controllers
{
    /// <summary>
    /// Handles all requests for role authentication.
    /// </summary>
    [ApiVersion(MimeTypes.ApplicationVersion)]
    [Route("api/v{api-version:apiVersion}/[controller]")]
    [Produces(MimeTypes.ApplicationJson)]
    [Consumes(MimeTypes.ApplicationJson)]
    [ApiController]
    public class RoleController(IRoleService service, ILogger<RoleController> logger) : ControllerBase
    {
        /// <summary>
        /// Gets all the roles.
        /// </summary>
        /// <returns>The rol found entities.</returns>
        /// <response code="200">The roles found.</response>
        /// <response code="404">The roles not found error.</response>
        /// <response code="500">The service internal error.</response>
        [HttpGet]
        [ProducesResponseType(typeof(IEnumerable<RoleAdapter>), StatusCodes.Status200OK)]
        [Authorize(AuthenticationSchemes = Schemes.HeathScheme)]
        [Permission("RoleManagement.Read")]
        public async Task<IActionResult> GetAllRolesAsync()
        {
            try
            {
                var result = await service.GetAllRolesService();

                return Ok(result);
            }
            catch (Exception ex)
            {
                logger.LogError(ex, "Error in GetAllRolesAsync");
                return StatusCode(500, $"Internal server error, ErrorMessage: {ex.Message}");
            }
        }

        /// <summary>
        /// Gets the role by identifier.
        /// </summary>
        /// <param name="id">The role identifier.</param>
        /// <returns>The <see cref="RoleAdapter"/> found entity.</returns>
        /// <response code="200">The role found.</response>
        /// <response code="404">The role not found error.</response>
        /// <response code="500">The service internal error.</response>
        [HttpGet]
        [Route(Routes.Id)]
        [ProducesResponseType(typeof(RoleAdapter), StatusCodes.Status200OK)]
        [Authorize(AuthenticationSchemes = Schemes.HeathScheme)]
        [Permission("RoleManagement.Read")]
        public async Task<IActionResult> GetRoleByIdAsync([FromRoute] string id)
        {
            try
            {
                var result = await service.GetRoleByIdService(id);

                if (result is null) return NotFound($"role with id: '{id}' not found");

                return Ok(result);
            }
            catch (Exception ex)
            {
                logger.LogError(ex, "Error in GetRoleByIdAsync");
                return StatusCode(500, $"Internal server error, ErrorMessage: {ex.Message}");
            }
        }

        /// <summary>
        /// Creates a new role.
        /// </summary>
        /// <param name="newRole">The role to be added.</param>
        /// <returns>The <see cref="RoleAdapter"/> created entity.</returns>
        /// <response code="201">The role created.</response>
        /// <response code="422">The role could not be created.</response>
        /// <response code="500">The service internal error.</response>
        [HttpPost]
        [ProducesResponseType(typeof(RoleAdapter), StatusCodes.Status201Created)]
        [Authorize(AuthenticationSchemes = Schemes.HeathScheme)]
        [Permission("RoleManagement.Write")]
        public async Task<IActionResult> CreateRoleAsync([FromBody] RoleRequest newRole)
        {
            try
            {
                var result = await service.CreateRoleService(newRole).ConfigureAwait(false);

                return Created("CreatedWithIdService", result);
            }
            catch (Exception ex)
            {
                logger.LogError(ex, "Error in CreateRoleAsync");
                return StatusCode(500, $"Internal server error, ErrorMessage: {ex.Message}");
            }
        }

        /// <summary>
        /// Updates a full role by identifier.
        /// </summary>
        /// <param name="entity">The role to update.</param>
        /// <param name="id">The role identifier.</param>
        /// <returns>The <see cref="RoleAdapter"/> updated entity.</returns>
        /// <response code="200">The role updated.</response>
        /// <response code="404">The role not found.</response>
        /// <response code="422">The role could not be updated.</response>
        /// <response code="500">The service internal error.</response>
        [HttpPut]
        [Route(Routes.Id)]
        [ProducesResponseType(typeof(RoleAdapter), StatusCodes.Status200OK)]
        [Authorize(AuthenticationSchemes = Schemes.HeathScheme)]
        [Permission("RoleManagement.Write")]
        public async Task<IActionResult> UpdateRoleAsync([FromBody] RoleAdapter entity, [FromRoute] string id)
        {
            try
            {
                var result = await service.UpdateRoleService(entity, id);

                return Ok(result);
            }
            catch (Exception ex)
            {
                logger.LogError(ex, "Error in UpdateRoleAsync");
                return StatusCode(500, $"Internal server error, ErrorMessage: {ex.Message}");
            }
        }

        /// <summary>
        /// Changes the status of the role.
        /// </summary>
        /// <param name="id">The role identifier.</param>
        /// <param name="newStatus">The new status of the role.</param>
        /// <returns>The <see cref="RoleAdapter"/> updated entity.</returns>
        /// <response code="200">The role updates.</response>
        /// <response code="404">The role not found.</response>
        /// <response code="422">The role could not be deleted.</response>
        /// <response code="500">The service internal error.</response>
        [HttpPatch]
        [Route(Routes.ChangeStatus)]
        [ProducesResponseType(typeof(RoleAdapter), StatusCodes.Status200OK)]
        [Authorize(AuthenticationSchemes = Schemes.HeathScheme)]
        [Permission("RoleManagement.Write")]
        public async Task<IActionResult> ChangeRoleStatus([FromRoute] string id, [FromRoute] StatusEnum newStatus)
        {
            try
            {
                var result = await service.ChangeRoleStatusService(id, newStatus);

                return Ok(result);
            }
            catch (Exception ex)
            {
                logger.LogError(ex, "Error in ChangeRoleStatus");
                return StatusCode(500, $"Internal server error, ErrorMessage: {ex.Message}");
            }

        }

        /// <summary>
        /// Adds an application to the role's list of applications.
        /// </summary>
        /// <param name="roleId">The identifier of the role to which the application will be added.</param>
        /// <param name="application">The application enum value to add.</param>
        /// <returns>A <see cref="Task{RoleAdapter}"/> representing the asynchronous operation, with the updated role object.</returns>
        /// <response code="200">The role updates.</response>
        /// <response code="404">The role not found.</response>
        /// <response code="422">The role could not be deleted.</response>
        /// <response code="500">The service internal error.</response>
        [HttpPost(Routes.AddApplication)]
        [ProducesResponseType(typeof(RoleAdapter), StatusCodes.Status200OK)]
        [Authorize(AuthenticationSchemes = Schemes.HeathScheme)]
        [Permission("RoleManagement.Write")]
        public async Task<IActionResult> AddApplicationToRoleAsync([FromRoute] string roleId,
                                                                   [FromRoute] ApplicationsEnum application)
        {
            try
            {
                var updatedRole = await service.AddApplicationToRoleService(roleId, application);

                return Ok(updatedRole);
            }
            catch (Exception ex)
            {
                logger.LogError(ex, "Error in AddApplicationToRoleAsync");
                return StatusCode(500, $"Internal server error, ErrorMessage: {ex.Message}");
            }
        }

        /// <summary>
        /// Removes an application from the role's list of applications.
        /// </summary>
        /// <param name="roleId">The identifier of the role from which the application will be removed.</param>
        /// <param name="application">The application enum value to remove.</param>
        /// <returns>A <see cref="Task{RoleAdapter}"/> representing the asynchronous operation, with the updated role object.</returns>
        /// <response code="200">The role updates.</response>
        /// <response code="404">The role not found.</response>
        /// <response code="422">The role could not be deleted.</response>
        /// <response code="500">The service internal error.</response>
        [HttpDelete(Routes.RemoveApplication)]
        [ProducesResponseType(typeof(RoleAdapter), StatusCodes.Status200OK)]
        [Authorize(AuthenticationSchemes = Schemes.HeathScheme)]
        [Permission("RoleManagement.Write")]
        public async Task<IActionResult> RemoveApplicationFromRoleAsync([FromRoute] string roleId,
                                                                        [FromRoute] ApplicationsEnum application)
        {
            try
            {
                var updatedRole = await service.RemoveApplicationFromRoleService(roleId, application);
                return Ok(updatedRole);
            }
            catch (Exception ex)
            {
                logger.LogError(ex, "Error in RemoveApplicationFromRoleAsync");
                return StatusCode(500, $"Internal server error, ErrorMessage: {ex.Message}");
            }
        }
    }
}