package com.nebula.erp.reports.controller;

import com.nebula.erp.reports.documents.AuditComplianceSwagger;
import com.nebula.erp.reports.requestmodel.SalesRequest;
import com.nebula.erp.reports.service.AuditComplianceService;
import com.nebula.erp.reports.utility.ApiResponseStructure;
import com.nebula.erp.reports.utility.CreateLogger;
import com.nebula.erp.reports.utility.PermissionHelper;
import io.swagger.v3.oas.annotations.tags.Tag;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*;
import java.util.Map;

@RestController
@RequestMapping("/api/reports/audit-compliance")  // Base URI for sales report-related endpoints
@Tag(name="Audit and Compliance APIs", description = "APIs for managing audit & compliance Reports")
@AuditComplianceSwagger.GlobalErrorResponse
public class AuditComplianceController {

    @Autowired
    private AuditComplianceService auditComplianceService;

    @Autowired
    private PermissionHelper permissionHelper;

    @Autowired
    private CreateLogger createLogger;

    private static final String path = "/reports/audit-compliance";

    @AuditComplianceSwagger.GetAuditComplianceReportOperation
    @PostMapping
    public ResponseEntity<ApiResponseStructure<Map<String, Object>>> getAuditComplianceReport(
            @RequestBody SalesRequest salesRequest,
            @RequestParam(value = "reportType", required = true) String reportType) {  // Required report type parameter

        // Check user permissions
        if (!permissionHelper.hasPermission("create-report")) {
            createLogger.createLogger("error", path, "POST", "Forbidden: You do not have the required permission. Please contact the administration.", "validation");
            return ResponseEntity.status(HttpStatus.FORBIDDEN).body(new ApiResponseStructure<>("error", HttpStatus.FORBIDDEN.value(), "Forbidden: You do not have the required permission. Please contact the administration.", null));
        }

        // Calls the patientPrescription service to generate the report
        ApiResponseStructure<Map<String, Object>> response = auditComplianceService.getAuditComplianceReport(salesRequest, reportType);
        createLogger.createLogger("application", path, "POST", "Data retrieved.", "");
        return ResponseEntity.ok(response);
    }
}