const express = require('express');
const router = express.Router();

// DB pool (same as used in api/index.js)
const pool = require('../db');

// POST /application
router.post('/', async (req, res) => {
  try {
    const App = req.body?.App || {};

    // TODO: replace with current user ID
    const memberId = 1;

    const sql = `INSERT INTO applications (member_id, app_version, app_data) VALUES (?, ?, ?);`;
    const appVersion = 1;

    const params = [memberId, appVersion, JSON.stringify(App)]

    console.log(params)

    await pool.query(sql, params);

    res.sendStatus(201);
  } catch (err) {
    console.error('Insert failed:', err);
    res.status(500).json({ error: 'Failed to save application' });
  }
});

// GET /application/all
router.get('/all', async (req, res) => {
  try {
    const sql = `SELECT
      member.name AS member_name,
      app.id,
      app.member_id,
      app.submitted_at,
      app.app_status
    FROM applications AS app
    LEFT JOIN members AS member
      ON member.id = app.member_id;`

    const rows = await pool.query(sql);

    res.status(200).json(rows);
  } catch (err) {
    console.error(err);
    res.status(500);
  }
});

// GET /application/:id
router.get('/:id', async (req, res) => {
  let appID = req.params.id;

  //TODO: Replace with real user Authorization and whatnot
  // if the application is not "me" and I am not a recruiter, deny access to the application (return 403 or whatever)
  if (appID === "me")
    appID = 2;

  try {
    const conn = await pool.getConnection()

    const application = await conn.query(
      `SELECT app.*,
          member.name AS member_name
      FROM applications AS app
          INNER JOIN members AS member ON member.id = app.member_id
      WHERE app.id = ?;`,
      [appID]
    );

    if (!Array.isArray(application) || application.length === 0) {
      conn.release();
      return res.status(204).json("Application Not Found");
    }

    const comments = await conn.query(`SELECT app.id AS comment_id,
          app.post_content,
          app.poster_id,
          app.post_time,
          app.last_modified,
          member.name AS poster_name
        FROM application_comments AS app
          INNER JOIN members AS member ON member.id = app.poster_id
        WHERE app.application_id = ?;`,
      [appID]);

    conn.release()

    const output = {
      application: application[0],
      comments,
    }
    return res.status(200).json(output);
  }
  catch (err) {
    console.error('Query failed:', err);
    return res.status(500).json({ error: 'Failed to load application' });
  }
});

// POST /application/approve/:id
router.post('/approve/:id', async (req, res) => {
  const appID = req.params.id;

  const sql = `
      UPDATE applications
         SET approved_at = NOW()
       WHERE id = ?
        AND approved_at IS NULL
        AND denied_at IS NULL
      `;
  try {
    const result = await pool.execute(sql, appID);

    console.log(result);

    if (result.affectedRows === 0) {
      res.status(400).json('Something went wrong approving the application');
    }

    if (result.affectedRows == 1) {
      res.sendStatus(200);
    }

  } catch (err) {
    console.error('Approve failed:', err);
    res.status(500).json({ error: 'Failed to approve application' });
  }
});

// POST /application/deny/:id
router.post('/deny/:id', async (req, res) => {
  const appID = req.params.id;

  const sql = `
      UPDATE applications
         SET denied_at = NOW()
       WHERE id = ?
        AND approved_at IS NULL
        AND denied_at IS NULL
      `;
  try {
    const result = await pool.execute(sql, appID);

    console.log(result);

    if (result.affectedRows === 0) {
      res.status(400).json('Something went wrong denying the application');
    }

    if (result.affectedRows == 1) {
      res.sendStatus(200);
    }

  } catch (err) {
    console.error('Approve failed:', err);
    res.status(500).json({ error: 'Failed to deny application' });
  }
});

// POST /application/:id/comment
router.post('/:id/comment', async (req, res) => {
  const appID = req.params.id;
  const data = req.body.message;
  const user = 1;

  const sql = `INSERT INTO application_comments(
    application_id,
    poster_id,
    post_content
  )
VALUES(?, ?, ?);`

  try {
    const conn = await pool.getConnection();

    const result = await conn.query(sql, [appID, user, data])
    console.log(result)
    if (result.affectedRows !== 1) {
      conn.release();
      throw new Error("Insert Failure")
    }

    const getSQL = `SELECT app.id AS comment_id,
      app.post_content,
      app.poster_id,
      app.post_time,
      app.last_modified,
      member.name AS poster_name
        FROM application_comments AS app
          INNER JOIN members AS member ON member.id = app.poster_id
        WHERE app.id = ?; `;
    const comment = await conn.query(getSQL, [result.insertId])
    res.status(201).json(comment[0]);

  } catch (err) {
    console.error('Comment failed:', err);
    res.status(500).json({ error: 'Could not post comment' });
  }
});

module.exports = router;