using API.Authentication;
using API.Authentication.Interfaces;
using API.DTO.Base.Update;
using API.Services;
using DAL.Models;
using DAL.Models.Audits;
using Microsoft.AspNetCore.Mvc;
using MUser = DAL.Models.User;

namespace API.Controllers
{
	[ApiController]
	[Route("api/v1/[controller]")]
	public class SignupController : CRUDBase<SignupController, SignupDTO, SignupUpdateDTO, Signup, AuditSignup, ISignupAuthentication, SignupService>
	{
		public SignupController(ILogger<SignupController> logger, UserService userService, SignupService service) : base(logger, userService, service)
		{
		}
		
		[HttpPost]
		public override ActionResult<SignupDTO> add(SignupDTO createDTO)
		{
			MUser? user = getUser(User);
			if (user == null)
				return Unauthorized();

			// todo 
			createDTO.userId = user.id;
			if (createDTO.userId != user.id)
			{
				return Forbid();
			}

			Signup? result = Service.add(createDTO, user);
			if (result == null)
				return Forbid();

			SignupDTO dto = new SignupDTO();
			dto.adaptFromModel(result);

			return Ok(dto);
		}

		[HttpDelete("event/{eventId}")]
		public virtual ActionResult delete(ulong eventId)
		{
			MUser? user = getUser(User);
			if (user == null)
				return Unauthorized();

			Signup? result = Service.getNoAuthentication(x => x.userId == user.id && x.eventId == eventId).FirstOrDefault();
			if (result == null)
				return Forbid();

			AuditSignup? auditModel = Service.delete(result, user);
			if (auditModel == null)
				return Forbid();

			return NoContent();
		}
	}
}