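"""Admin-only user management views: list/create, reset password, toggle admin, delete."""

from flask import (
    Blueprint,
    current_app,
    flash,
    redirect,
    render_template,
    request,
    url_for,
)
from werkzeug.security import generate_password_hash

from app.models import User
from app.utils.auth import admin_required

bp = Blueprint('admin_users', __name__)

# NOTE(review): the state-changing routes below accept POST only, but no CSRF
# check and no audit logging of these admin actions is visible in this module;
# confirm both are handled elsewhere in the application.


def _back_to_users():
    """Redirect to the user list page.

    The leading dot resolves the endpoint relative to the blueprint that is
    handling the request; a bare 'manage_users' only resolves when an
    app-level endpoint of that name exists.
    """
    return redirect(url_for('.manage_users'))


@bp.route('/admin/users', methods=['GET', 'POST'], endpoint='manage_users')
@admin_required
def manage_users():
    """List all users (GET) or create a user from the submitted form (POST)."""
    if request.method == 'POST':
        form = request.form
        # .get() with a default lets a missing field reach the "required
        # fields" message below instead of aborting with a 400.
        username = form.get('username', '').strip()
        email = form.get('email', '').strip()
        full_name = form.get('full_name', '').strip()
        # Not stripped, so surrounding whitespace stays part of the password.
        # NOTE(review): no length or complexity policy is applied here.
        password = form.get('password', '')
        is_admin_flag = form.get('is_admin') == 'on'

        if not username or not email or not password:
            flash('Заполните обязательные поля', 'danger')
            return _back_to_users()

        # NOTE(review): check-then-create is not atomic; whether a unique
        # constraint on User backs this up is not visible here.
        duplicate = User.select().where(
            (User.username == username) | (User.email == email)
        )
        if duplicate.exists():
            flash('Пользователь с таким логином или email уже существует', 'danger')
            return _back_to_users()

        User.create(
            username=username,
            email=email,
            full_name=full_name or None,
            # Only the salted hash is stored, never the submitted password.
            password_hash=generate_password_hash(password),
            is_admin=is_admin_flag,
        )
        flash('Пользователь создан', 'success')
        return _back_to_users()

    users = User.select().order_by(User.id)
    return render_template('admin/users.html', users=users, title='Пользователи')


# The '<int:user_id>' segment was missing from the three rules below ('//' in
# the path), so the views never received user_id. The int converter also keeps
# the `current_user.id == user_id` self-checks comparing like with like.
# NOTE(review): assumes User.id is an integer key — confirm against the model.
@bp.route(
    '/admin/users/<int:user_id>/reset_password',
    methods=['POST'],
    endpoint='admin_reset_password',
)
@admin_required
def admin_reset_password(user_id):
    """Replace the stored password hash of the given user with a new one."""
    user = User.get_or_none(User.id == user_id)
    if not user:
        flash('Пользователь не найден', 'danger')
        return _back_to_users()

    # NOTE(review): no length or complexity policy is applied here.
    new_password = request.form.get('new_password')
    if not new_password:
        flash('Укажите новый пароль', 'danger')
        return _back_to_users()

    user.password_hash = generate_password_hash(new_password)
    user.save()
    flash('Пароль обновлён', 'success')
    return _back_to_users()


@bp.route(
    '/admin/users/<int:user_id>/toggle_admin',
    methods=['POST'],
    endpoint='admin_toggle_admin',
)
@admin_required
def admin_toggle_admin(user_id):
    """Flip the is_admin flag of another user; changing one's own flag is refused."""
    from flask_login import current_user

    if current_user.id == user_id:
        flash('Нельзя менять свои собственные права', 'warning')
        return _back_to_users()

    user = User.get_or_none(User.id == user_id)
    if not user:
        flash('Пользователь не найден', 'danger')
        return _back_to_users()

    user.is_admin = not user.is_admin
    user.save()
    flash('Права обновлены', 'success')
    return _back_to_users()


@bp.route(
    '/admin/users/<int:user_id>/delete',
    methods=['POST'],
    endpoint='admin_delete_user',
)
@admin_required
def admin_delete_user(user_id):
    """Delete another user and dependent rows; deleting oneself is refused."""
    from flask_login import current_user

    if current_user.id == user_id:
        flash('Нельзя удалить самого себя', 'warning')
        return _back_to_users()

    user = User.get_or_none(User.id == user_id)
    if not user:
        flash('Пользователь не найден', 'danger')
        return _back_to_users()

    try:
        user.delete_instance(recursive=True)
    except Exception:
        # Keep the best-effort behaviour for the admin, but record the cause
        # instead of discarding it.
        current_app.logger.exception('Failed to delete user id=%s', user_id)
        flash('Не удалось удалить пользователя', 'danger')
    else:
        flash('Пользователь удалён', 'success')
    return _back_to_users()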