<?php

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;

/*
|--------------------------------------------------------------------------
| API Routes
|--------------------------------------------------------------------------
|
| Here is where you can register API routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| is assigned the "api" middleware group. Enjoy building your API!
|
*/


Route::middleware('auth:sanctum')->get('/user', function (Request $request) {
    return $request->user();
});

// /api/cinemas/{id}/rooms
Route::get('/cinemas/{id}/rooms', function ($id) {
    $cinema = (new App\Models\Cinema)->find($id);
    return $cinema->rooms;
});

// /api/showings/{id}
Route::get('/showings/{id}', function ($id) {
    $showing = (new App\Models\Showing)->find($id);
    return $showing;
});


// /api/rooms/{id}/seatMatrix
Route::get('/rooms/{id}/seatMatrix', function ($id) {
    $room = (new App\Models\Room)->find($id);
    return $room->seatMatrix();
});

// /api/showings/{id}/seatMatrix
Route::get('/showings/{id}/seatMatrix', function ($id) {
    $showing = (new App\Models\Showing)->find($id);
    return $showing->seatMatrix();
});

// /api/showing/{id}/prices
Route::get('/showing/{id}/prices', function ($id) {
    $showing = (new App\Models\Showing)->find($id);
    return $showing->prices;
});


// /api/user/{id}/permissions
Route::get('/user/{id}/permissions', function ($id) {
    $user = (new App\Models\User)->find($id);
    return $user->permissions;
})->name('api.user.permissions');

Route::post('/user/{id}/permission', function ($id, Request $request) {
    $user = (new App\Models\User)->find($id);

    // check if request is valid
    if (!isset($request->permission_name)) {
        return response()->json(['error' => 'permission name not set'], 400);
    }

    // check if permission exists
    // if it does not exist, create it
    $permission = (new App\Models\Permission)->where('permission_name', $request->permission_name);
    if ($permission->count() == 0) {
        $permission = (new App\Models\Permission)->create(['permission_name' => $request->permission_name]);
    } else {
        $permission = $permission->first();
    }

    // check if user has permission
    // if not, add it

    $user->permissions()->attach($permission->permission_id);
    $user->save();
    return $user->permissions;

})->name('api.user.permission');

Route::delete('/user/{id}/permission', function ($id, Request $request) {
    $user = (new App\Models\User)->find($id);
    $perm = (new App\Models\Permission())->find(request('permission_id'));
    $user->permissions->detach($perm);
    $user->save();
    return $user->permissions;
})->name('api.user.permission');

// /api/user/{id}/assignments
Route::get('/user/{id}/assignments', function ($id) {
    $user = (new App\Models\User)->find($id);
    return $user->cinemas;
})->name('api.user.assignments');

Route::post('/user/{id}/assignment', function ($id) {
    $user = (new App\Models\User)->find($id);
    $cinema = (new App\Models\Cinema())->find(request('cinema_id'));
    $user->cinemas->attach($cinema);
    $user->save();
    return $user->cinemas;
})->name('api.user.assignment');

Route::delete('/user/{id}/assignment', function ($id) {
    $user = (new App\Models\User)->find($id);
    $cinema = (new App\Models\Cinema())->find(request('cinema_id'));
    $user->cinemas->detach($cinema);
    $user->save();
    return $user->cinemas;
})->name('api.user.assignment');

// POST /api/order
Route::middleware('auth:sanctum')->post('/order', function (Request $request) {
    // [0] showing = showing_id
    // [1] seats = [{seat: seat_id, price: price_id}, ...]

    // check user
    if ($request->user()->exists()) {
        return response()->json(['error' => 'user not logged in'], 400);
    }

    if (!isset($request->showing) || !isset($request->seats)) { // check if user is logged in and showings and seats are set
        return response()->json(['error' => 'showing or seats not set'], 400);
    }

    if ($request->user()->addresses()->count() == 0) { // check if user has an address
        return response()->json(['error' => 'no address set'], 400);
    }

    $order = (new App\Models\Order)->create([
        'user_id' => $request->user()->user_id,
        'order_number' => substr(str_shuffle(str_repeat($x = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ', ceil(10 / strlen($x)))), 1, 10),
        'order_status' => 'pending',
        'billing_address_id' => Auth::user()->address()->address_id
    ]);
    $order->save();

    // create tickets for each seat
    foreach ($request->seats as $seat) {
        Log::info('Creating ticket for seat ' . $seat['seat']);
        $ticket = (new App\Models\Ticket)->create([
            'seat_id' => $seat['seat'],
            'price_id' => $seat['price'],
            'showing_id' => $request->showing,
            'order_id' => $order->order_id,
            'user_id' => $request->user()->user_id
        ]);
        $ticket->save();
    }

    Log::info('Order created: ' . $order->order_number);

    return $order;
})->name('api.order');