import {
	BadRequestException,
	Body,
	Controller,
	Get,
	Post,
	Request,
	ValidationPipe
} from '@nestjs/common';
import { AuthService } from 'services/auth';
import { Requests, Responses, UserRole } from 'dto';
import { Role } from 'authguards';
import { InjectRepository } from '@nestjs/typeorm';
import { tfaTypes, User } from 'entities';
import { Repository } from 'typeorm';

@Controller('api/admin')
export default class AdminController {
	constructor(
		@InjectRepository(User)
		private userRepo: Repository<User>,
		private authService: AuthService
	) {}

	@Role(UserRole.ADMIN)
	@Get('users')
	async getUsers(): Promise<Responses.Admin.GetUsers> {
		const users = await this.userRepo.find();
		const entries = users.map(
			(user) =>
				new Responses.Admin.GetUsersEntry(
					user.id,
					user.isGitlabUser,
					user.name,
					user.role,
					this.authService.requiresTfa(user)
				)
		);
		return new Responses.Admin.GetUsers(entries);
	}

	@Role(UserRole.ADMIN)
	@Post('set_role')
	async setRole(
		@Request() req,
		@Body(new ValidationPipe()) data: Requests.Admin.SetUserRole
	): Promise<Responses.Admin.SetUserRole> {
		const user = await this.authService.getUser(data.user);
		if (!user) throw new BadRequestException('Invalid user');
		await this.authService.setUserRole(user, data.role);
		return new Responses.Admin.SetUserRole();
	}

	@Role(UserRole.ADMIN)
	@Post('logout')
	async logout(
		@Request() req,
		@Body(new ValidationPipe()) data: Requests.Admin.LogoutAll
	): Promise<Responses.Admin.LogoutAllUser> {
		const user = await this.authService.getUser(data.user);
		if (!user) throw new BadRequestException('Invalid user');
		await this.authService.revokeAll(user);
		return new Responses.Admin.LogoutAllUser();
	}

	@Role(UserRole.ADMIN)
	@Post('delete')
	async delete(
		@Request() req,
		@Body(new ValidationPipe()) data: Requests.Admin.DeleteUser
	): Promise<Responses.Admin.DeleteUser> {
		const user = await this.authService.getUser(data.user);
		if (!user) throw new BadRequestException('Invalid user');
		await this.authService.deleteUser(user);
		return new Responses.Admin.DeleteUser();
	}

	@Role(UserRole.ADMIN)
	@Post('disable_2fa')
	async disableTfa(
		@Request() req,
		@Body(new ValidationPipe()) data: Requests.Admin.DisableTfa
	): Promise<Responses.Admin.DisableTfa> {
		const user = await this.authService.getUser(data.user);
		if (!user) throw new BadRequestException('Invalid user');
		await this.authService.setTfaType(user, tfaTypes.NONE);
		return new Responses.Admin.DisableTfa();
	}
}