package com.backendsys.modules.system.controller;

import com.backendsys.entity.PageDTO;
import com.backendsys.exception.CustException;
import com.backendsys.modules.common.config.security.enums.SecurityEnum;
import com.backendsys.modules.common.config.security.utils.SecurityUtil;
import com.backendsys.modules.common.utils.Result;
import com.backendsys.modules.system.entity.SysUser.SysUserDTO;
import com.backendsys.modules.system.entity.SysUser.SysUserInfo;
import com.backendsys.modules.system.service.SysUserV2Service;
import com.backendsys.service.System.SysUserService;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.tags.Tag;
import jakarta.validation.constraints.NotEmpty;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;

@Validated
@RestController
@Tag(name = "系统用户")
public class SysUserV2Controller {

    @Autowired
    private SysUserService sysUserService;

    @Autowired
    private SysUserV2Service sysUserV2Service;

    @Operation(summary = "获得系统用户列表")
    @PreAuthorize("@sr.hasPermission('3.2')")
    @GetMapping("/api/v2/system/user/getUserList")
    public Result getUserList(SysUserDTO sysUserDTO) {
        return Result.success().put("data", sysUserV2Service.selectUserList(sysUserDTO));
    }

    /**
     * 权限：
     * - 查询用户信息 (3.2.1)
     * - 查询他人用户信息 (3.2.1.2)
     */
    @Operation(summary = "获得系统用户详情")
    @PreAuthorize("@sr.hasPermission('3.2.1')")
    @GetMapping("/api/v2/system/user/getUserDetail")
    public Result getUserDetail(@Parameter(description = "用户ID") Long user_id) {

        // 查询自身的用户信息 (不传参数)
        user_id = (user_id == null) ? SecurityUtil.getUserId() : user_id;

        // 查询他人的用户信息
        // - 查询自己 (无需权限)
        // - 查询他人 (需要权限或超级管理员)
        if (user_id != SecurityUtil.getUserId() && !SecurityUtil.hasPermission("3.2.1.2") && !SecurityUtil.isSuper()) {
            throw new CustException(SecurityEnum.NOAUTH);
        }

        return Result.success().put("data", sysUserV2Service.selectUserInfo(user_id));
//        return Result.success().put("data", sysUserV2Service.selectUserDetail(user_id));
    }

    /**
     * 权限：
     * - 查询用户权限 (3.4.1)
     * - 查询他人用户权限 (3.4.1.2)
     */
    @Operation(summary = "获得系统用户权限列表")
    @PreAuthorize("@sr.hasPermission('3.4.1')")
    @GetMapping("/api/v2/system/user/getUserPermission")
    public Result getUserPermission(@Parameter(description = "用户ID") Long user_id) {

        // 查询自身的用户信息 (不传参数)
        user_id = (user_id == null) ? SecurityUtil.getUserId() : user_id;

        // 查询他人的用户信息
        // - 查询自己 (无需权限)
        // - 查询他人 (需要权限或超级管理员)
        if (user_id != SecurityUtil.getUserId() && !SecurityUtil.hasPermission("3.4.1.2") && !SecurityUtil.isSuper()) {
            throw new CustException(SecurityEnum.NOAUTH);
        }

        return Result.success().put("data", sysUserV2Service.selectUserModule(user_id));
    }

}