<?php

namespace App\Controller;

use App\Entity\Actions;
use App\Entity\Apps;
use App\Entity\Roles;
use App\Entity\User;
use App\Entity\UserOrganizatonApp;
use App\Entity\UsersOrganizations;
use App\Form\OrganizationForm;
use App\Repository\OrganizationsRepository;
use App\Service\ActionService;
use App\Service\AwsService;
use App\Service\LoggerService;
use App\Service\OrganizationsService;
use App\Service\UserOrganizationService;
use App\Service\UserService;
use Doctrine\DBAL\Exception\NonUniqueFieldNameException;
use Doctrine\DBAL\Exception\UniqueConstraintViolationException;
use Doctrine\ORM\EntityManagerInterface;
use Doctrine\ORM\NonUniqueResultException;
use Exception;
use Psr\Log\LoggerInterface;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
use Symfony\Component\Routing\Attribute\Route;
use App\Entity\Organizations;
use Symfony\Component\HttpFoundation\Response;

#[Route(path: '/organization', name: 'organization_')]
class OrganizationController extends AbstractController
{
    private const NOT_FOUND = 'Entity not found';
    private const ACCESS_DENIED = 'Access denied';


    public function __construct(private readonly EntityManagerInterface  $entityManager,
                                private readonly UserService             $userService,
                                private readonly OrganizationsService    $organizationsService,
                                private readonly ActionService           $actionService,
                                private readonly UserOrganizationService $userOrganizationService,
                                private readonly OrganizationsRepository $organizationsRepository,
                                private readonly AwsService              $awsService, private readonly LoggerService $loggerService, private readonly LoggerInterface $logger)
    {
    }

    #[Route(path: '/', name: 'index', methods: ['GET'])]
    public function index(): Response
    {
        $this->denyAccessUnlessGranted('ROLE_ADMIN');
        $actingUser = $this->userService->getUserByIdentifier($this->getUser()->getUserIdentifier());
        if($this->userService->hasAccessTo($actingUser, true)){
            $orgCount = $this->organizationsRepository->count(['isDeleted' => false]);
            if(!$this->isGranted("ROLE_SUPER_ADMIN")){
                $userUO = $this->entityManager->getRepository(UsersOrganizations::class)->findBy(['users' => $actingUser, 'isActive' => true]);
                $uoAdmin = 0;
                foreach($userUO as $u){
                    if($this->userService->isAdminOfOrganization($u->getOrganization())){
                        $uoAdmin++;
                    }
                }
                if($uoAdmin === 1){
                    return $this->redirectToRoute('organization_show', ['id' => $userUO[0]->getOrganization()->getId()]);
                }
            }
            return $this->render('organization/index.html.twig', [
                'hasOrganizations' => $orgCount > 0
            ]);
        }
        $this->loggerService->logAccessDenied($actingUser->getId());
        throw new AccessDeniedHttpException('Access denied');
    }


    #[Route(path: '/create', name: 'create', methods: ['GET', 'POST'])]
    public function new(Request $request): Response
    {
        $this->denyAccessUnlessGranted('ROLE_SUPER_ADMIN');
        $actingUser = $this->userService->getUserByIdentifier($this->getUser()->getUserIdentifier());
        if ($request->isMethod('POST')) {
            $organization = new Organizations();
            $form = $this->createForm(OrganizationForm::class, $organization);
            $form->handleRequest($request);
            if ($form->isSubmitted() && $form->isValid()) {
                $logoFile = $form->get('logoUrl')->getData();
                if ($logoFile) {
                    $this->organizationsService->handleLogo($organization, $logoFile);
                }
                try {
                    $this->entityManager->persist($organization);
                    $this->entityManager->flush();
                    $this->loggerService->logOrganizationInformation($organization->getId(), $actingUser->getId(), "Organization Created");
                    $this->loggerService->logSuperAdmin($actingUser->getId(), $actingUser->getId(), "Organization Created", $organization->getId());
                    $this->actionService->createAction("Create Organization", $actingUser, $organization, $organization->getName());
                    $this->addFlash('success', 'Organisation crée avec succès.');
                    return $this->redirectToRoute('organization_index');
                } catch (Exception $e) {
                    $this->addFlash('error', 'Erreur lors de la création de l\'organization');
                    $this->loggerService->logError('Error creating organization', ['acting_user_id' => $actingUser->getId(), 'error' => $e->getMessage()]);
                }
            }
            return $this->render('organization/new.html.twig', [
                'form' => $form->createView(),
            ]);
        }

        $form = $this->createForm(OrganizationForm::class);
        return $this->render('organization/new.html.twig', [
            'form' => $form->createView(),
        ]);
    }

    #[Route(path: '/edit/{id}', name: 'edit', methods: ['GET', 'POST'])]
    public function edit(Request $request, $id): Response
    {
        $this->denyAccessUnlessGranted('ROLE_ADMIN');
        $actingUser = $this->userService->getUserByIdentifier($this->getUser()->getUserIdentifier());
        $organization = $this->organizationsRepository->find($id);
        if (!$organization) {
            $this->loggerService->logEntityNotFound('Organization', [
                'org_id' => $id,
                'message' => 'Organization not found for edit'], $actingUser->getId()
            );
            $this->addFlash('error', 'Erreur, l\'organization est introuvable.');
            return $this->redirectToRoute('organization_index');
        }
        if (!$this->isGranted("ROLE_SUPER_ADMIN")) {
            //check if the user is admin of the organization
            $uo = $this->entityManager->getRepository(UsersOrganizations::class)->findOneBy(['users' => $actingUser, 'organization' => $organization]);
            if (!$uo) {
                $this->loggerService->logEntityNotFound('UO link', [
                    'user_id' => $actingUser->getId(),
                    'org_id' => $organization->getId(),
                    'message' => 'UO link not found for edit organization'
                ], $actingUser->getId());
                $this->addFlash('error', 'Erreur, accès refusé.');
                return $this->redirectToRoute('organization_index');
            }
            $roleAdmin = $this->entityManager->getRepository(Roles::class)->findOneBy(['name' => 'ADMIN']);
            $uoaAdmin = $this->entityManager->getRepository(UserOrganizatonApp::class)->findOneBy(['userOrganization' => $uo, 'role' => $roleAdmin]);
            if (!$uoaAdmin) {
                $this->loggerService->logEntityNotFound('UOA link', [
                    'uo_id' => $uo->getId(),
                    'role_id' => $roleAdmin->getId(),
                    'message' => 'UOA link not found for edit organization, user is not admin of organization'
                ], $actingUser->getId());
                $this->addFlash('error', 'Erreur, accès refusé.');
                return $this->redirectToRoute('organization_index');
            }
        }
        $form = $this->createForm(OrganizationForm::class, $organization);
        $form->handleRequest($request);
        if ($form->isSubmitted() && $form->isValid()) {
            $logoFile = $form->get('logoUrl')->getData();
            if ($logoFile) {
                $this->organizationsService->handleLogo($organization, $logoFile);
            }
            try {
                $this->entityManager->persist($organization);
                $this->entityManager->flush();
                $this->loggerService->logOrganizationInformation($organization->getId(), $actingUser->getId(), "Organization Edited");
                if ($this->isGranted("ROLE_SUPER_ADMIN")) {
                    $this->loggerService->logSuperAdmin($actingUser->getId(), $actingUser->getId(), "Organization Edited", $organization->getId());
                }
                $this->actionService->createAction("Edit Organization", $actingUser, $organization, $organization->getName());
                $this->addFlash('success', 'Organisation modifiée avec succès.');
                return $this->redirectToRoute('organization_index');
            }catch (Exception $e) {
                $this->addFlash('error', 'Erreur lors de la modification de l\'organization');
                $this->loggerService->logError('Error editing organization', ['acting_user_id' => $actingUser->getId(), 'error' => $e->getMessage()]);
            }
        }
        return $this->render('organization/edit.html.twig', [
            'form' => $form->createView(),
            'organization' => $organization,
        ]);
    }

    #[Route(path: '/view/{id}', name: 'show', methods: ['GET'])]
    public function view($id): Response
    {
        $this->denyAccessUnlessGranted('ROLE_ADMIN');
        $organization = $this->organizationsRepository->find($id);
        $actingUser = $this->userService->getUserByIdentifier($this->getUser()->getUserIdentifier());
        if (!$organization) {
            $this->loggerService->logEntityNotFound('Organization', [
                'org_id' => $id,
                'message' => 'Organization not found for view'
            ], $actingUser->getId());
            $this->addFlash('error', 'Erreur, l\'organization est introuvable.');
            return $this->redirectToRoute('organization_index');
        }
        //check if the user is admin of the organization
        if (!$this->userService->isAdminOfOrganization($organization) && !$this->isGranted("ROLE_SUPER_ADMIN")) {
            $this->loggerService->logAccessDenied($actingUser->getId());
            $this->addFlash('error', 'Erreur, accès refusé.');
            throw new AccessDeniedHttpException('Access denied');
        }

        $allApps = $this->entityManager->getRepository(Apps::class)->findAll(); // appsAll
        $orgApps = $organization->getApps()->toArray(); // apps

        $apps = $this->organizationsService->appsAccess($allApps, $orgApps);

        $actions = $this->entityManager->getRepository(Actions::class)->findBy(['Organization' => $organization], orderBy: ['date' => 'DESC'], limit: 15);
        $activities = $this->actionService->formatActivities($actions);

        $this->actionService->createAction("View Organization", $actingUser, $organization, $organization->getName());
        return $this->render('organization/show.html.twig', [
            'organization' => $organization,
            'applications' => $apps,
            'activities' => $activities,
        ]);
    }

    #[Route(path: '/delete/{id}', name: 'delete', methods: ['POST'])]
    public function delete($id): Response
    {
        $this->denyAccessUnlessGranted("ROLE_ADMIN");
        $actingUser = $this->userService->getUserByIdentifier($this->getUser()->getUserIdentifier());
        $organization = $this->organizationsRepository->find($id);
        if (!$organization) {
            $this->loggerService->logEntityNotFound('Organization', [
                'org_id' => $id,
                'message' => 'Organization not found for delete'
            ], $actingUser->getId());
            $this->addFlash('error', 'Erreur, l\'organization est introuvable.');
            throw $this->createNotFoundException(self::NOT_FOUND);
        }
        try {
            $organization->setIsActive(false);
            $organization->setIsDeleted(true);
            $this->organizationsService->deleteLogo($organization);
            // Deactivate all associated UsersOrganizations
            $this->userOrganizationService->deactivateAllUserOrganizationLinks($actingUser, null, $organization);

            $this->entityManager->persist($organization);
            $this->actionService->createAction("Delete Organization", $actingUser, $organization, $organization->getName());
            $this->entityManager->flush();
            $this->loggerService->logOrganizationInformation($organization->getId(), $actingUser->getId(),'Organization Deleted');
            if ($this->isGranted("ROLE_SUPER_ADMIN")) {
                $this->loggerService->logSuperAdmin($actingUser->getId(), $actingUser->getId(),'Organization Deleted', $organization->getId());
            }
            $this->addFlash('success', 'Organisation supprimée avec succès.');
        }catch (\Exception $e){
            $this->loggerService->logError($actingUser->getId(), ['message' => 'Error deleting organization: '.$e->getMessage()]);
            $this->addFlash('error', 'Erreur lors de la suppression de l\'organization.');
        }

        return $this->redirectToRoute('organization_index');
    }

    #[Route(path: '/deactivate/{id}', name: 'deactivate', methods: ['POST'])]
    public function deactivate($id): Response
    {
        $this->denyAccessUnlessGranted("ROLE_SUPER_ADMIN");
        $actingUser = $this->userService->getUserByIdentifier($this->getUser()->getUserIdentifier());
        $organization = $this->organizationsRepository->find($id);
        if (!$organization) {
            $this->loggerService->logEntityNotFound('Organization', [
                'org_id' => $id,
                'message' => 'Organization not found for deactivate'
            ], $actingUser->getId());
            $this->addFlash('error', 'Erreur, l\'organization est introuvable.');
            throw $this->createNotFoundException(self::NOT_FOUND);
        }

        $organization->setIsActive(false);
//        $this->userOrganizationService->deactivateAllUserOrganizationLinks($actingUser, null, $organization);
        $this->entityManager->persist($organization);
        $this->actionService->createAction("Deactivate Organization", $actingUser, $organization, $organization->getName());
        $this->loggerService->logSuperAdmin($actingUser->getId(), $actingUser->getId(),'Organization deactivated', $organization->getId());
        $this->addFlash('success', 'Organisation désactivé avec succès.');
        return $this->redirectToRoute('organization_index');
    }

    #[Route(path: '/activate/{id}', name: 'activate', methods: ['POST'])]
    public function activate($id): Response
    {
        $this->denyAccessUnlessGranted("ROLE_SUPER_ADMIN");
        $actingUser = $this->userService->getUserByIdentifier($this->getUser()->getUserIdentifier());
        $organization = $this->organizationsRepository->find($id);
        if (!$organization) {
            $this->loggerService->logEntityNotFound('Organization', [
                'org_id' => $id,
                'message' => 'Organization not found for activate'
            ], $actingUser->getId());
            $this->addFlash('error', 'Erreur, l\'organization est introuvable.');
            throw $this->createNotFoundException(self::NOT_FOUND);
        }
        $organization->setIsActive(true);
        $this->entityManager->persist($organization);
        $this->loggerService->logOrganizationInformation($organization->getId(), $actingUser->getId(),'Organization Activated');
        $this->loggerService->logSuperAdmin($actingUser->getId(), $actingUser->getId(),'Organization Activated', $organization->getId());
        $this->actionService->createAction("Activate Organization", $actingUser, $organization, $organization->getName());
        $this->addFlash('success', 'Organisation activée avec succès.');
        return $this->redirectToRoute('organization_index');
    }

//    API endpoint to fetch organization data for Tabulator
    #[Route(path: '/data/{id}', name: 'data', methods: ['GET'])]
    public function data(Request $request): JsonResponse
    {
        $this->denyAccessUnlessGranted('ROLE_ADMIN');


        $page = max(1, (int)$request->query->get('page', 1));
        $size = max(1, (int)$request->query->get('size', 10));

        $filters = $request->query->all('filter');


        $qb = $this->organizationsRepository->createQueryBuilder('o')
            ->where('o.isDeleted = :del')->setParameter('del', false);

        if (!empty($filters['name'])) {
            $qb->andWhere('o.name LIKE :name')
                ->setParameter('name', '%' . $filters['name'] . '%');
        }
        if (!empty($filters['email'])) {
            $qb->andWhere('o.email LIKE :email')
                ->setParameter('email', '%' . $filters['email'] . '%');
        }
        if(!$this->isGranted('ROLE_SUPER_ADMIN')) {
            $actingUser = $this->userService->getUserByIdentifier($this->getUser()->getUserIdentifier());
            $uo = $this->entityManager->getRepository(UsersOrganizations::class)->findBy(['users' => $actingUser]);
            foreach ($uo as $item) {
                if($this->userService->isAdminOfOrganization($item->getOrganization())) {
                    $qb->andWhere('o.id = :orgId')
                        ->setParameter('orgId', $item->getOrganization()->getId());
                }
            }
        }


        // Count total
        $countQb = clone $qb;
        $total = (int)$countQb->select('COUNT(o.id)')->getQuery()->getSingleScalarResult();

        // Pagination
        $offset = ($page - 1) * $size;
        $rows = $qb->setFirstResult($offset)->setMaxResults($size)->getQuery()->getResult();

        // Map to array
        $data = array_map(function (Organizations $org) {
            return [
                'id' => $org->getId(),
                'name' => $org->getName(),
                'email' => $org->getEmail(),
                'logoUrl' => $org->getLogoUrl() ?: null,
                'active' => $org->isActive(),
                'showUrl' => $this->generateUrl('organization_show', ['id' => $org->getId()]),
            ];
        }, $rows);

        $lastPage = (int)ceil($total / $size);

        return $this->json([
            'data' => $data,
            'last_page' => $lastPage,
            'total' => $total, // optional, useful for debugging
        ]);
    }


}