<?php
declare(strict_types=1);
namespace App\Modules\Invoices;

use App\Core\{Request, Response, Database};
use App\Services\FileStorageService;
use Throwable;

final class InvoiceController
{
    public function __construct(
        private readonly InvoiceModel $invoiceModel,
        private readonly FileStorageService $storage
    ) {}

    public function index(Request $request): void
    {
        $tenantId = $request->tenantId;
        $role = $request->user->role ?? 'viewer';
        $assignedCompanyId = $request->user->assigned_company_id ?? null;
        $db = Database::getInstance();

        $page = max(1, (int)$request->input('page', 1));
        $limit = min(50, max(10, (int)$request->input('per_page', 20)));
        $offset = ($page - 1) * $limit;
        
        $companyFilter = $request->input('company_id');
        $statusFilter = $request->input('status');
        $dateFrom = $request->input('date_from');
        $dateTo = $request->input('date_to');

        $where = 'WHERE i.tenant_id = ? AND i.deleted_at IS NULL';
        $params = [$tenantId];

        if ($role === 'accountant' && $assignedCompanyId) {
            $where .= ' AND i.company_id = ?';
            $params[] = $assignedCompanyId;
        } elseif ($companyFilter) {
            $where .= ' AND i.company_id = ?';
            $params[] = $companyFilter;
        }
        if ($statusFilter) { $where .= ' AND i.status = ?'; $params[] = $statusFilter; }
        if ($dateFrom) { $where .= ' AND i.invoice_date >= ?'; $params[] = $dateFrom; }
        if ($dateTo) { $where .= ' AND i.invoice_date <= ?'; $params[] = $dateTo; }

        $stmt = $db->prepare("SELECT COUNT(*) FROM invoices i {$where}");
        $stmt->execute($params);
        $total = (int)$stmt->fetchColumn();

        $stmt = $db->prepare("SELECT i.id, i.invoice_number, i.invoice_date, i.grand_total, i.tax_amount, 
            i.status, i.ai_confidence_score, i.created_at, c.name as company_name
            FROM invoices i JOIN companies c ON i.company_id = c.id
            {$where} ORDER BY i.created_at DESC LIMIT {$limit} OFFSET {$offset}");
        $stmt->execute($params);
        $invoices = $stmt->fetchAll();

        Response::json([
            'success' => true,
            'data' => $invoices,
            'meta' => ['total' => $total, 'page' => $page, 'per_page' => $limit, 'last_page' => ceil($total / $limit)]
        ]);
    }

    public function upload(Request $request): void
    {
        try {
            $files = $request->getFiles();
            if (empty($files['file'])) {
                throw new \Exception('يرجى اختيار ملف للفاتورة');
            }

            $companyId = (string)$request->input('company_id');
            if (empty($companyId)) {
                throw new \Exception('يرجى اختيار الشركة');
            }

            $file = $files['file'];
            $invoiceId = \Ramsey\Uuid\Uuid::uuid4()->toString();
            
            // Store file
            $path = $this->storage->store($file, $request->tenantId, $companyId);
            
            // Create record
            $this->invoiceModel->create([
                'id' => $invoiceId,
                'tenant_id' => $request->tenantId,
                'company_id' => $companyId,
                'original_file_path' => $path,
                'status' => 'uploaded'
            ]);

            // Queue extraction and risk analysis
            \App\Services\QueueService::push(\queue\Jobs\ExtractInvoiceJob::class, ['invoice_id' => $invoiceId]);

            Response::json([
                'success' => true,
                'data' => ['invoice_id' => $invoiceId],
                'message' => 'تم رفع الفاتورة بنجاح وجاري استخراج البيانات بالذكاء الاصطناعي'
            ], 202);
        } catch (Throwable $e) {
            Response::error($e->getMessage(), 'UPLOAD_ERROR', (int)($e->getCode() ?: 500));
        }
    }

    public function show(Request $request, string $id): void
    {
        $tenantId = $request->tenantId;
        $db = Database::getInstance();
        
        // Fetch invoice with company name (tenant-scoped)
        $stmt = $db->prepare("SELECT i.*, c.name as company_name, c.tax_identification_number as company_tin
            FROM invoices i
            JOIN companies c ON i.company_id = c.id
            WHERE i.id = ? AND i.tenant_id = ? AND i.deleted_at IS NULL");
        $stmt->execute([$id, $tenantId]);
        $invoice = $stmt->fetch();
        
        if (!$invoice) {
            Response::error('الفاتورة غير موجودة', 'NOT_FOUND', 404);
            return;
        }

        // Fetch lines
        $stmt = $db->prepare("SELECT * FROM invoice_lines WHERE invoice_id = ? ORDER BY line_number ASC");
        $stmt->execute([$id]);
        $invoice['lines'] = $stmt->fetchAll();

        // Parse JSON fields
        if ($invoice['validation_errors']) {
            $invoice['validation_errors'] = json_decode($invoice['validation_errors'], true);
        }
        if ($invoice['jofotara_response']) {
            $invoice['jofotara_response'] = json_decode($invoice['jofotara_response'], true);
        }

        Response::json(['success' => true, 'data' => $invoice]);
    }

    public function submit(Request $request, string $id): void
    {
        try {
            $db = Database::getInstance();
            $stmt = $db->prepare("SELECT status FROM invoices WHERE id = ? AND tenant_id = ?");
            $stmt->execute([$id, $request->tenantId]);
            $invoice = $stmt->fetch();
            
            if (!$invoice) {
                Response::error('الفاتورة غير موجودة', 'NOT_FOUND', 404);
                return;
            }

            // Update status to submitting
            $this->invoiceModel->update($id, ['status' => 'submitting']);
            
            // Queue JoFotara submission
            \App\Services\QueueService::push(\queue\Jobs\SubmitJoFotaraJob::class, ['invoice_id' => $id]);
            
            Response::json(['success' => true, 'message' => 'جاري إرسال الفاتورة لنظام فوترة...']);
        } catch (Throwable $e) {
            Response::error($e->getMessage(), 'SUBMIT_ERROR', (int)($e->getCode() ?: 500));
        }
    }

    public function serveFile(Request $request, string $id): void
    {
        $tenantId = $request->tenantId;
        $db = Database::getInstance();
        
        $stmt = $db->prepare("SELECT original_file_path FROM invoices WHERE id = ? AND tenant_id = ? AND deleted_at IS NULL");
        $stmt->execute([$id, $tenantId]);
        $invoice = $stmt->fetch();
        
        if (!$invoice || !$invoice['original_file_path']) {
            Response::error('الملف غير موجود', 'NOT_FOUND', 404);
            return;
        }

        $filePath = $invoice['original_file_path'];
        
        if (!file_exists($filePath)) {
            Response::error('الملف غير موجود على الخادم', 'FILE_NOT_FOUND', 404);
            return;
        }

        // Validate path is within storage directory (security)
        $storagePath = realpath($_ENV['STORAGE_PATH'] ?? '/home/intaleqapp-musadeq/storage');
        $realPath = realpath($filePath);
        if (!$realPath || !str_starts_with($realPath, $storagePath)) {
            Response::error('وصول غير مصرح', 'FORBIDDEN', 403);
            return;
        }

        $mimeType = mime_content_type($filePath);
        $filename = basename($filePath);
        
        header('Content-Type: ' . $mimeType);
        header('Content-Length: ' . filesize($filePath));
        header('Content-Disposition: inline; filename="' . $filename . '"');
        header('X-Content-Type-Options: nosniff');
        readfile($filePath);
        exit;
    }

    public function status(Request $request, string $id): void
    {
        $stmt = Database::getInstance()->prepare("SELECT id, status, ai_confidence_score, validation_errors FROM invoices WHERE id = ? AND tenant_id = ?");
        $stmt->execute([$id, $request->tenantId]);
        $invoice = $stmt->fetch();
        Response::json(['success' => true, 'data' => $invoice]);
    }

    public function update(Request $request, string $id): void
    {
        // Implementation for PUT /api/v1/invoices/{id}
        $data = $request->getBody();
        $this->invoiceModel->update($id, $data);
        Response::json(['success' => true, 'message' => 'تم تحديث الفاتورة بنجاح']);
    }

    public function destroy(Request $request, string $id): void
    {
        $this->invoiceModel->delete($id);
        Response::json(['success' => true, 'message' => 'تم حذف الفاتورة بنجاح']);
    }
}