"""Admin API endpoints - for internal use only."""
from fastapi import APIRouter, HTTPException, status
from pydantic import BaseModel, EmailStr
from sqlalchemy import select

from app.api.deps import Database
from app.models.user import User
from app.models.subscription import Subscription, SubscriptionTier, SubscriptionStatus, TIER_CONFIG

router = APIRouter()


class UpgradeUserRequest(BaseModel):
    """Request schema for upgrading a user."""
    email: EmailStr
    tier: str  # starter, professional, enterprise


@router.post("/upgrade-user")
async def upgrade_user(request: UpgradeUserRequest, db: Database):
    """
    Upgrade a user's subscription tier.
    
    NOTE: In production, this should require admin authentication!
    """
    # Find user
    result = await db.execute(
        select(User).where(User.email == request.email)
    )
    user = result.scalar_one_or_none()
    
    if not user:
        raise HTTPException(
            status_code=status.HTTP_404_NOT_FOUND,
            detail=f"User with email {request.email} not found"
        )
    
    # Validate tier
    try:
        new_tier = SubscriptionTier(request.tier)
    except ValueError:
        raise HTTPException(
            status_code=status.HTTP_400_BAD_REQUEST,
            detail=f"Invalid tier: {request.tier}. Valid options: starter, professional, enterprise"
        )
    
    # Find or create subscription
    result = await db.execute(
        select(Subscription).where(Subscription.user_id == user.id)
    )
    subscription = result.scalar_one_or_none()
    
    if not subscription:
        # Create new subscription
        subscription = Subscription(
            user_id=user.id,
            tier=new_tier,
            status=SubscriptionStatus.ACTIVE,
            domain_limit=TIER_CONFIG[new_tier]["domain_limit"],
        )
        db.add(subscription)
    else:
        # Update existing
        subscription.tier = new_tier
        subscription.domain_limit = TIER_CONFIG[new_tier]["domain_limit"]
        subscription.status = SubscriptionStatus.ACTIVE
    
    await db.commit()
    await db.refresh(subscription)
    
    config = TIER_CONFIG[new_tier]
    
    return {
        "message": f"User {request.email} upgraded to {config['name']}",
        "user_id": user.id,
        "tier": new_tier.value,
        "tier_name": config["name"],
        "domain_limit": config["domain_limit"],
        "features": config["features"],
    }


@router.get("/users")
async def list_users(db: Database, limit: int = 50, offset: int = 0):
    """
    List all users with their subscriptions.
    
    NOTE: In production, this should require admin authentication!
    """
    result = await db.execute(
        select(User).offset(offset).limit(limit)
    )
    users = result.scalars().all()
    
    user_list = []
    for user in users:
        # Get subscription
        sub_result = await db.execute(
            select(Subscription).where(Subscription.user_id == user.id)
        )
        subscription = sub_result.scalar_one_or_none()
        
        user_list.append({
            "id": user.id,
            "email": user.email,
            "name": user.name,
            "is_active": user.is_active,
            "created_at": user.created_at.isoformat(),
            "subscription": {
                "tier": subscription.tier.value if subscription else None,
                "status": subscription.status.value if subscription else None,
                "domain_limit": subscription.domain_limit if subscription else 0,
            } if subscription else None,
        })
    
    return {"users": user_list, "count": len(user_list)}