from flask import Blueprint, render_template, request, redirect, url_for, flash
from controllers.auth_controller import login_required, admin_required
from models.user_model import UserModel

user_bp = Blueprint('user', __name__)

@user_bp.route('/')
@login_required
@admin_required
def index():
    users = UserModel.get_all_users()
    return render_template('users/index.html', users=users)

@user_bp.route('/create', methods=['GET', 'POST'])
@login_required
@admin_required
def create():
    if request.method == 'POST':
        name = request.form.get('name')
        email = request.form.get('email')
        password = request.form.get('password')
        role = request.form.get('role', 'user')
        
        if not name or not email or not password:
            flash('Name, email and password are required', 'error')
            return render_template('users/create.html')
        
        if len(password) < 6:
            flash('Password must be at least 6 characters long', 'error')
            return render_template('users/create.html')
        
        existing_user = UserModel.get_user_by_email(email)
        if existing_user:
            flash('Email already exists', 'error')
            return render_template('users/create.html')
        
        UserModel.create_user(name, email, password, role)
        flash('User created successfully!', 'success')
        return redirect(url_for('user.index'))
    
    return render_template('users/create.html')

@user_bp.route('/edit/<int:user_id>', methods=['GET', 'POST'])
@login_required
@admin_required
def edit(user_id):
    user = UserModel.get_user_by_id(user_id)
    if not user:
        flash('User not found', 'error')
        return redirect(url_for('user.index'))
    
    if request.method == 'POST':
        name = request.form.get('name')
        email = request.form.get('email')
        role = request.form.get('role', 'user')
        password = request.form.get('password')
        
        if not name or not email:
            flash('Name and email are required', 'error')
            return render_template('users/edit.html', user=user)
        
        if email != user['email']:
            existing_user = UserModel.get_user_by_email(email)
            if existing_user and existing_user['id'] != user['id']:
                flash('Email already exists', 'error')
                return render_template('users/edit.html', user=user)
        
        UserModel.update_user(user_id, name, email, role)
        
        if password and len(password) >= 6:
            UserModel.update_user_password(user_id, password)
            flash('User updated successfully with new password!', 'success')
        else:
            flash('User updated successfully!', 'success')
        
        return redirect(url_for('user.index'))
    
    return render_template('users/edit.html', user=user)

@user_bp.route('/delete/<int:user_id>')
@login_required
@admin_required
def delete(user_id):
    user = UserModel.get_user_by_id(user_id)
    if not user:
        flash('User not found', 'error')
        return redirect(url_for('user.index'))
    
    UserModel.delete_user(user_id)
    flash('User deleted successfully!', 'success')
    return redirect(url_for('user.index'))