package role

import (
	"context"
	"errors"
	"time"

	"perms-system-server/internal/consts"
	authHelper "perms-system-server/internal/logic/auth"
	"perms-system-server/internal/middleware"
	roleModel "perms-system-server/internal/model/role"
	"perms-system-server/internal/response"
	"perms-system-server/internal/svc"
	"perms-system-server/internal/types"

	"github.com/zeromicro/go-zero/core/logx"
)

type UpdateRoleLogic struct {
	logx.Logger
	ctx    context.Context
	svcCtx *svc.ServiceContext
}

func NewUpdateRoleLogic(ctx context.Context, svcCtx *svc.ServiceContext) *UpdateRoleLogic {
	return &UpdateRoleLogic{
		Logger: logx.WithContext(ctx),
		ctx:    ctx,
		svcCtx: svcCtx,
	}
}

// UpdateRole 更新角色。修改角色名称、备注、权限级别和启用/禁用状态。非超管不能降低权限级别。变更后自动清理绑定该角色的用户缓存。
func (l *UpdateRoleLogic) UpdateRole(req *types.UpdateRoleReq) error {
	role, err := l.svcCtx.SysRoleModel.FindOne(l.ctx, req.Id)
	if err != nil {
		return response.ErrNotFound("角色不存在")
	}

	if err := authHelper.RequireProductAdminFor(l.ctx, role.ProductCode); err != nil {
		return err
	}

	if len(req.Name) > 64 {
		return response.ErrBadRequest("角色名长度不能超过64个字符")
	}
	if len(req.Remark) > 255 {
		return response.ErrBadRequest("备注长度不能超过255个字符")
	}

	if req.PermsLevel < 1 || req.PermsLevel > 999 {
		return response.ErrBadRequest("权限级别必须在 1-999 之间")
	}

	caller := middleware.GetUserDetails(l.ctx)
	if caller != nil && !caller.IsSuperAdmin && req.PermsLevel < role.PermsLevel {
		return response.ErrForbidden("非超管不能降低角色的权限级别")
	}

	prevUpdateTime := role.UpdateTime
	role.Name = req.Name
	role.Remark = req.Remark
	role.PermsLevel = req.PermsLevel
	if req.Status != 0 {
		if req.Status != consts.StatusEnabled && req.Status != consts.StatusDisabled {
			return response.ErrBadRequest("状态值无效，仅支持 1(启用) 和 2(禁用)")
		}
		role.Status = req.Status
	}
	role.UpdateTime = time.Now().Unix()

	if err := l.svcCtx.SysRoleModel.UpdateWithOptLock(l.ctx, role, prevUpdateTime); err != nil {
		if errors.Is(err, roleModel.ErrUpdateConflict) {
			return response.ErrConflict("数据已被其他操作修改，请刷新后重试")
		}
		return err
	}

	affectedUserIds, err := l.svcCtx.SysUserRoleModel.FindUserIdsByRoleId(l.ctx, req.Id)
	if err != nil {
		logx.WithContext(l.ctx).Errorf("角色已更新但缓存清理失败 roleId=%d: %v", req.Id, err)
		return response.NewCodeError(500, "角色已更新但缓存刷新失败，请稍后手动刷新")
	}
	l.svcCtx.UserDetailsLoader.BatchDel(l.ctx, affectedUserIds, role.ProductCode)
	return nil
}