<?php

namespace App\Http\Controllers\Admin;

use App\Http\Controllers\Controller;
use App\Models\User;
use App\Services\AuditLogService;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Validation\Rules\Password;
use Illuminate\View\View;

class UserController extends Controller
{
    public function index(): View
    {
        $users = User::withCount('programs')->latest()->paginate(20);

        return view('admin.users.index', compact('users'));
    }

    public function create(): View
    {
        return view('admin.users.create');
    }

    public function store(Request $request): RedirectResponse
    {
        $data = $request->validate([
            'name'     => 'required|string|max:255',
            'email'    => 'required|email|max:255|unique:users,email',
            'role'     => 'required|in:super_admin,admin',
            'password' => ['required', 'confirmed', Password::min(8)->mixedCase()->numbers()],
        ]);

        $user = User::create($data);

        AuditLogService::log('user.created', $user, [], ['email' => $user->email, 'role' => $user->role]);

        return redirect()->route('admin.users.index')
            ->with('success', 'Pengguna "' . $user->name . '" berjaya ditambah.');
    }

    public function edit(User $user): View
    {
        return view('admin.users.edit', compact('user'));
    }

    public function update(Request $request, User $user): RedirectResponse
    {
        $rules = [
            'name'  => 'required|string|max:255',
            'email' => 'required|email|max:255|unique:users,email,' . $user->id,
            'role'  => 'required|in:super_admin,admin',
        ];

        if ($request->filled('password')) {
            $rules['password'] = ['confirmed', Password::min(8)->mixedCase()->numbers()];
        }

        $data = $request->validate($rules);

        if (! $request->filled('password')) {
            unset($data['password']);
        }

        $old = $user->only(['name', 'email', 'role']);
        $user->update($data);

        AuditLogService::log('user.updated', $user, $old, $user->only(['name', 'email', 'role']));

        return redirect()->route('admin.users.index')
            ->with('success', 'Maklumat pengguna "' . $user->name . '" berjaya dikemas kini.');
    }

    public function destroy(User $user): RedirectResponse
    {
        if ($user->id === auth()->id()) {
            return back()->with('error', 'Anda tidak boleh padam akaun sendiri.');
        }

        $name = $user->name;
        AuditLogService::log('user.deleted', $user);
        $user->delete();

        return redirect()->route('admin.users.index')
            ->with('success', 'Pengguna "' . $name . '" berjaya dipadam.');
    }
}