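import { Body, Controller, Delete, Get, Path, Post, Put, Route, Security, Tags } from "tsoa";
import {
  addUserRoles,
  createUser,
  editUser,
  getRoles,
  removeUserRoles,
} from "../services/keycloak";

// NOTE(review): @Security("keycloak") is applied without a scopes argument, so
// what a caller must hold beyond a valid token is decided entirely by the
// project's authentication handler, which is not visible in this file. Every
// route here is an identity-administration operation (create user, change
// another user's password, grant or revoke roles) — confirm that the handler
// restricts them to administrators.
/**
 * User and role management endpoints backed by the Keycloak service module.
 */
@Route("api/keycloak")
@Tags("Single-Sign On")
@Security("keycloak")
export class KeycloakController extends Controller {
  /**
   * Creates a user with the given credentials and optional names.
   *
   * The account is created with the `UPDATE_PASSWORD` required action, so the
   * password supplied here is only an initial one.
   *
   * @param body Username, initial password and optional first/last name.
   * @returns Whatever the `createUser` service call resolves to.
   */
  @Post("user")
  async createUser(
    @Body()
    body: { username: string; password: string; firstName?: string; lastName?: string },
  ) {
    return await createUser(body.username, body.password, {
      firstName: body.firstName,
      lastName: body.lastName,
      requiredActions: ["UPDATE_PASSWORD"],
    });
  }

  /**
   * Updates the username, password and/or names of an existing user.
   *
   * @param userId Identifier of the user to edit.
   * @param body Fields to change; omitted fields are not forwarded.
   * @returns Whatever the `editUser` service call resolves to.
   */
  @Put("user/{userId}")
  async editUser(
    @Path() userId: string,
    @Body()
    body: { username?: string; password?: string; firstName?: string; lastName?: string },
  ) {
    // Forward only the four declared fields instead of the raw request body.
    // Depending on tsoa's `noImplicitAdditionalProperties` setting, undeclared
    // properties can still be present on `body` at runtime, and passing the
    // object through wholesale would let a client set attributes this endpoint
    // never meant to expose (mass assignment).
    const changes: typeof body = {};
    if (body.username !== undefined) changes.username = body.username;
    if (body.password !== undefined) changes.password = body.password;
    if (body.firstName !== undefined) changes.firstName = body.firstName;
    if (body.lastName !== undefined) changes.lastName = body.lastName;

    return await editUser(userId, changes);
  }

  /**
   * Lists the roles returned by the `getRoles` service call.
   *
   * @returns The role list.
   * @throws Error when the service does not return an array.
   */
  @Get("role")
  async getRole() {
    const role = await getRoles();

    if (Array.isArray(role)) return role;

    throw new Error("Failed. Cannot get role.");
  }

  /**
   * Grants roles to a user.
   *
   * Requested ids are resolved against the server-side role list, so only
   * roles that `getRoles` returns can be assigned.
   *
   * @param userId Identifier of the user receiving the roles.
   * @param body `role` holds the ids of the roles to grant.
   * @throws Error when the role list cannot be loaded, when none of the
   *   requested ids matches an existing role, or when the assignment fails.
   */
  @Post("{userId}/role")
  async addRole(@Path() userId: string, @Body() body: { role: string[] }) {
    const list = await getRoles();

    if (!Array.isArray(list)) throw new Error("Failed. Cannot get role(s) data from the server.");

    const matched = list.filter((v) => body.role.includes(v.id));

    // Without this check an unknown id reached the service as an empty role
    // list, and the caller could be told the grant succeeded although nothing
    // was assigned.
    if (matched.length === 0) throw new Error("Failed. None of the requested roles exist.");

    const result = await addUserRoles(userId, matched);

    if (!result) throw new Error("Failed. Cannot set user's role.");
  }

  /**
   * Revokes a single role from a user.
   *
   * @param userId Identifier of the user losing the role.
   * @param roleId Identifier of the role to revoke.
   * @throws Error when the role list cannot be loaded, when `roleId` matches
   *   no existing role, or when the removal fails.
   */
  @Delete("{userId}/role/{roleId}")
  async deleteRole(@Path() userId: string, @Path() roleId: string) {
    const list = await getRoles();

    if (!Array.isArray(list)) throw new Error("Failed. Cannot get role(s) data from the server.");

    const matched = list.filter((v) => roleId === v.id);

    // An unknown roleId must not be reported as a successful revocation.
    if (matched.length === 0) throw new Error("Failed. Role not found.");

    const result = await removeUserRoles(userId, matched);

    if (!result) throw new Error("Failed. Cannot remove user's role.");
  }
}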