from fastapi import APIRouter, Depends, HTTPException, status
from services.need_request_service import NeedRequestService
from models.schemas import NeedRequestCreate, NeedRequestUpdate
from config.database import get_db
from services.auth_service import AuthService

router = APIRouter()


@router.post("/", status_code=status.HTTP_201_CREATED)
async def request_need(need: NeedRequestCreate, db=Depends(get_db)):

    return await NeedRequestService.create_need(need, db)


@router.get("/{need_id}", status_code=status.HTTP_200_OK)
async def get_need(need_id: int, db=Depends(get_db)):

    need = await NeedRequestService.get_need_by_id(need_id, db)
    if not need:
        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Need request not found")
    return need


@router.put("/{need_id}", status_code=status.HTTP_200_OK)
async def update_need(
    need_id: int,
    need_update: NeedRequestUpdate,
    db=Depends(get_db),
    current_user=Depends(AuthService.get_current_user),
):

    need = await NeedRequestService.get_need_by_id(need_id, db)
    if not need:
        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Need request not found")

    # V�rifie si l'utilisateur est l'auteur ou un administrateur
    if need.requester_email != current_user.email and not await AuthService.admin_required(db=db):
        raise HTTPException(
            status_code=status.HTTP_403_FORBIDDEN,
            detail="You do not have permission to update this need request",
        )

    return await NeedRequestService.update_need(need_id, need_update, db)


@router.delete("/{need_id}", status_code=status.HTTP_200_OK)
async def delete_need(
    need_id: int,
    db=Depends(get_db),
    current_user=Depends(AuthService.get_current_user),
):

    need = await NeedRequestService.get_need_by_id(need_id, db)
    if not need:
        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Need request not found")

    # V�rifie si l'utilisateur est l'auteur ou un administrateur
    if need.requester_email != current_user.email and not await AuthService.admin_required(db=db):
        raise HTTPException(
            status_code=status.HTTP_403_FORBIDDEN,
            detail="You do not have permission to delete this need request",
        )

    return await NeedRequestService.delete_need(need_id, db)