using System;
using System.Collections.Generic;
using System.Configuration;
using System.Data.SqlClient;
using System.Linq;
using System.Web.Mvc;

namespace InstaVibe.Controllers
{
    public class StaffController : Controller
    {
        private readonly string connectionString =
            ConfigurationManager.ConnectionStrings["InstaVibe"].ConnectionString.ToString();

        public ActionResult Dashboard()
        {
            if (Session["StaffId"] == null) return RedirectToAction("Login", "Account", new { role = "Staff" });

            int staffId = Convert.ToInt32(Session["StaffId"]);

            string rolesCsv = "";
            int unreadCount = 0;
            using (SqlConnection con = new SqlConnection(connectionString))
            {
                con.Open();

                using (var cmd = new SqlCommand("SELECT assigned_roles FROM Staffs WHERE staff_id=@id", con))
                {
                    cmd.Parameters.AddWithValue("@id", staffId);
                    object r = cmd.ExecuteScalar();
                    rolesCsv = r == null || r == DBNull.Value ? "" : r.ToString();
                }

                using (var cmd = new SqlCommand("SELECT COUNT(*) FROM StaffNotifications WHERE staff_id=@id AND is_read=0", con))
                {
                    cmd.Parameters.AddWithValue("@id", staffId);
                    unreadCount = Convert.ToInt32(cmd.ExecuteScalar());
                }
            }

            var roles = rolesCsv.Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries)
                .Select(r => r.Trim().ToLower())
                .Where(r => !string.IsNullOrWhiteSpace(r))
                .Distinct()
                .ToList();

            ViewBag.Username = Session["StaffUsername"]?.ToString();
            ViewBag.Roles = roles;
            ViewBag.UnreadCount = unreadCount;

            return View();
        }

        public JsonResult GetNotifications()
        {
            if (Session["StaffId"] == null) return Json(new { error = "Unauthorized" }, JsonRequestBehavior.AllowGet);
            int staffId = Convert.ToInt32(Session["StaffId"]);

            var list = new List<object>();
            using (SqlConnection con = new SqlConnection(connectionString))
            {
                con.Open();
                string q = @"SELECT TOP 50 notification_id, message, is_read, created_at
                             FROM StaffNotifications
                             WHERE staff_id=@id
                             ORDER BY created_at DESC";
                using (var cmd = new SqlCommand(q, con))
                {
                    cmd.Parameters.AddWithValue("@id", staffId);
                    using (var r = cmd.ExecuteReader())
                    {
                        while (r.Read())
                        {
                            list.Add(new
                            {
                                NotificationId = Convert.ToInt32(r["notification_id"]),
                                Message = r["message"].ToString(),
                                IsRead = Convert.ToBoolean(r["is_read"]),
                                CreatedAt = Convert.ToDateTime(r["created_at"]).ToString("dd MMM yyyy, hh:mm tt")
                            });
                        }
                    }
                }
            }

            return Json(list, JsonRequestBehavior.AllowGet);
        }

        [HttpPost]
        public ActionResult MarkAllAsRead()
        {
            if (Session["StaffId"] == null) return new HttpStatusCodeResult(401);
            int staffId = Convert.ToInt32(Session["StaffId"]);

            using (SqlConnection con = new SqlConnection(connectionString))
            {
                con.Open();
                using (var cmd = new SqlCommand("UPDATE StaffNotifications SET is_read=1 WHERE staff_id=@id", con))
                {
                    cmd.Parameters.AddWithValue("@id", staffId);
                    cmd.ExecuteNonQuery();
                }
            }

            return new HttpStatusCodeResult(200);
        }

        public ActionResult Logout()
        {
            Session.Remove("StaffId");
            Session.Remove("StaffUsername");
            Session.Remove("StaffRoles");
            return RedirectToAction("Login", "Account", new { role = "Staff" });
        }
    }
}