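/*
    This file is part of jellything (https://codeberg.org/metamuffin/jellything)
    which is licensed under the GNU Affero General Public License (version 3); see /COPYING.
    Copyright (C) 2023 metamuffin
*/
//! Admin-only account management routes: dashboard, invite generation and
//! removal of users and invites.
//!
//! NOTE(review): in the reviewed copy of this file the generic arguments
//! (`State<..>`, `Form<..>`, `MyResult<..>`, the `collect`/`gen` turbofish) and
//! the `data = "<form>"` route parameters were not legible. They are restored
//! here from the surrounding code; the spots that could not be derived with
//! certainty carry their own NOTE(review).
//!
//! Security notes for maintainers:
//! - Every handler calls `ensure_admin` before touching the database; a new
//!   route added to this file must do the same.
//! - All three mutating routes are plain POST forms and no anti-CSRF token is
//!   rendered in the forms below. Whether cross-site submissions are blocked
//!   depends on how the `Session` cookie is issued (SameSite policy), which is
//!   not visible in this file — confirm in `account::session`.
//! - None of the handlers writes an audit log entry for the action taken.
use crate::{
    database::Database,
    routes::ui::{
        account::session::Session,
        error::MyResult,
        layout::{DynLayoutPage, LayoutPage},
    },
    uri,
};
use anyhow::anyhow;
use rand::Rng;
use rocket::{form::Form, get, post, FromForm, State};

/// Authorization gate shared by every route in this file.
///
/// Returns `Ok(())` when `session.user.admin` is set and the error
/// `"you not admin"` otherwise. Keeping the check in one place means the four
/// handlers cannot drift apart in how they decide who is an administrator.
fn ensure_admin(session: &Session) -> anyhow::Result<()> {
    if session.user.admin {
        Ok(())
    } else {
        Err(anyhow!("you not admin"))
    }
}

/// Renders the admin dashboard: all outstanding invite codes and all users,
/// each with a form to invalidate or remove it.
///
/// # Errors
/// Fails when the session user is not an admin or when iterating either
/// database tree returns an error.
// NOTE(review): lifetime argument of `DynLayoutPage` assumed to be `'_` — confirm.
#[get("/account/admin/dashboard")]
pub fn r_account_admin_dashboard(
    session: Session,
    database: &State<Database>,
) -> MyResult<DynLayoutPage<'_>> {
    ensure_admin(&session)?;

    // TODO this doesnt scale, pagination!
    let users = database.users.iter().collect::<Result<Vec<_>, _>>()?;
    let invites = database.invites.iter().collect::<Result<Vec<_>, _>>()?;

    // Invite codes are shown in clear text, so anyone who can view this page
    // (or a screenshot of it) can redeem them. User-controlled values
    // (`display_name`, `name`) are emitted through `@` interpolation, which
    // markup escapes by default; do not switch these to raw output.
    Ok(LayoutPage {
        title: "Admin Dashboard".to_string(),
        content: markup::new! {
            h1 { "Admin Panel" }
            h2 { "Invitations"}
            form[method="POST", action=uri!(r_account_admin_invite())] {
                input[type="submit", value="Generate new invite code"];
            }
            ul { @for t in &invites {
                li {
                    form[method="POST", action=uri!(r_account_admin_remove_invite())] {
                        span { @t.0 }
                        input[type="text", name="invite", value=&t.0, hidden];
                        input[type="submit", value="Invalidate"];
                    }
                }
            }}
            h2 { "Users" }
            ul { @for (_, u) in &users {
                li {
                    form[method="POST", action=uri!(r_account_admin_remove_user())] {
                        span { @format!("{:?}", u.display_name) " (" @u.name ")" }
                        input[type="text", name="name", value=&u.name, hidden];
                        input[type="submit", value="Remove(!)"];
                    }
                }
            }}
        },
        ..Default::default()
    })
}

/// Creates a new invite code, stores it in `database.invites` and shows it to
/// the admin once.
///
/// The code is a bearer secret: the database stores only the code itself (the
/// value is `()`), so nothing ties it to a recipient or an expiry here.
///
/// # Errors
/// Fails when the session user is not an admin or when the insert fails.
#[post("/account/admin/generate_invite")]
pub fn r_account_admin_invite(
    session: Session,
    database: &State<Database>,
) -> MyResult<DynLayoutPage<'_>> {
    ensure_admin(&session)?;

    // `rand::thread_rng()` is documented as a cryptographically secure
    // generator, so the guessability of a code is bounded by the width of the
    // integer drawn here.
    // NOTE(review): the integer type of this `gen` call was not legible in the
    // reviewed copy; `u128` is assumed — confirm against the repository and
    // keep it at 128 bits or wider.
    let i = rand::thread_rng().gen::<u128>().to_string();
    database.invites.insert(&i, &())?;

    Ok(LayoutPage {
        title: "Admin Dashboard".to_string(),
        content: markup::new! {
            pre { code { @i } }
        },
        ..Default::default()
    })
}

/// Form body of the "remove user" action: the account name to delete.
#[derive(FromForm)]
pub struct DeleteUser {
    name: String,
}

/// Deletes the user record named in the submitted form.
///
/// There is no check here that stops an admin from removing their own account
/// or the last remaining admin.
/// NOTE(review): whether sessions already issued to the removed user stop
/// working depends on how `Session` is validated, which is not visible in this
/// file — confirm that removal also revokes access.
///
/// # Errors
/// Fails when the session user is not an admin, when the database call fails,
/// or with `"user did not exist"` when no such record was present.
#[post("/account/admin/remove_user", data = "<form>")]
pub fn r_account_admin_remove_user(
    session: Session,
    database: &State<Database>,
    form: Form<DeleteUser>,
) -> MyResult<DynLayoutPage<'_>> {
    ensure_admin(&session)?;

    database
        .users
        .remove(&form.name)?
        .ok_or_else(|| anyhow!("user did not exist"))?;

    Ok(LayoutPage {
        title: "User removed".to_string(),
        content: markup::new! {
            p { "User removed" }
            a[href=uri!(r_account_admin_dashboard())] {"Back"}
        },
        ..Default::default()
    })
}

/// Form body of the "invalidate invite" action: the invite code to delete.
#[derive(FromForm)]
pub struct DeleteInvite {
    invite: String,
}

/// Invalidates an invite code by deleting it from `database.invites`.
///
/// # Errors
/// Fails when the session user is not an admin, when the database call fails,
/// or with `"invite did not exist"` when the code was not present.
#[post("/account/admin/remove_invite", data = "<form>")]
pub fn r_account_admin_remove_invite(
    session: Session,
    database: &State<Database>,
    form: Form<DeleteInvite>,
) -> MyResult<DynLayoutPage<'_>> {
    ensure_admin(&session)?;

    database
        .invites
        .remove(&form.invite)?
        .ok_or_else(|| anyhow!("invite did not exist"))?;

    Ok(LayoutPage {
        title: "Invite invalidated".to_string(),
        content: markup::new! {
            p { "Invite invalidated" }
            a[href=uri!(r_account_admin_dashboard())] {"Back"}
        },
        ..Default::default()
    })
}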