/*
    This file is part of jellything (https://codeberg.org/metamuffin/jellything)
    which is licensed under the GNU Affero General Public License (version 3); see /COPYING.
    Copyright (C) 2023 metamuffin <metamuffin.org>
*/
use crate::{
    database::Database,
    routes::ui::{
        account::session::Session,
        error::MyResult,
        layout::{DynLayoutPage, LayoutPage},
    },
    uri,
};
use anyhow::anyhow;
use rand::Rng;
use rocket::{form::Form, get, post, FromForm, State};

#[get("/account/admin/dashboard")]
pub fn r_account_admin_dashboard(
    session: Session,
    database: &State<Database>,
) -> MyResult<DynLayoutPage<'static>> {
    if !session.user.admin {
        Err(anyhow!("you not admin"))?
    }

    // TODO this doesnt scale
    let users = database.users.iter().collect::<Result<Vec<_>, _>>()?;

    Ok(LayoutPage {
        title: "Admin Dashboard".to_string(),
        content: markup::new! {
            h1 { "Admin Panel" }
            h2 { "Invitations"}
            form[method="POST", action=uri!(r_account_admin_invite())] {
                input[type="submit", value="Generate new invite code"];
            }
            h2 { "Users" }
            @for (_, u) in &users {
                form[method="POST", action=uri!(r_account_admin_remove_user())] {
                    span { @format!("{:?}", u.display_name) " (" @u.name ")" }
                    input[type="text", name="name", value=&u.name, hidden];
                    input[type="submit", value="Remove(!)"];
                }
            }
        },
    })
}

#[post("/account/admin/generate_invite")]
pub fn r_account_admin_invite(
    session: Session,
    database: &State<Database>,
) -> MyResult<DynLayoutPage<'static>> {
    if !session.user.admin {
        Err(anyhow!("you not admin"))?
    }

    let i = format!("{}", rand::thread_rng().gen::<u128>());
    database.invites.insert(&i, &())?;

    Ok(LayoutPage {
        title: "Admin Dashboard".to_string(),
        content: markup::new! {
            pre { code { @i } }
        },
    })
}

#[derive(FromForm)]
pub struct DeleteUser {
    name: String,
}

#[post("/account/admin/remove_user", data = "<form>")]
pub fn r_account_admin_remove_user(
    session: Session,
    database: &State<Database>,
    form: Form<DeleteUser>,
) -> MyResult<DynLayoutPage<'static>> {
    if !session.user.admin {
        Err(anyhow!("you not admin"))?
    }
    database
        .users
        .remove(&form.name)?
        .ok_or(anyhow!("user did not exist"))?;

    Ok(LayoutPage {
        title: "User removed".to_string(),
        content: markup::new! {
            p { "User removed" }
        },
    })
}