'use strict';

// modules
const express = require('express');

const mongoose = require('mongoose');

// HTTP status codes by name
const codes = require('./http-codes');

const routerHandling = require('../middleware/router-handling');

const apiAuthenticationMiddleware = require('../middleware/auth-middleware');
const checkHl = require('../middleware/permission-check').checkHl;

// Mongoose Model using mongoDB
const AwardingModel = require('../models/awarding');
const UserModel = require('../models/user');

// result set for proposer(appUser) population
const resultSet = {
  '__v': 0, 'updatedAt': 0, 'timestamp': 0, 'password': 0, 'permission': 0, 'secret': 0, 'activated': 0,
};

const awarding = new express.Router();

// routes **********************
awarding.route('/')
        .get((req, res, next) => {
          const listAwardsCall = (filter) =>
            AwardingModel.find(filter, {}, {sort: {date: 'desc'}})
                         .populate('decorationId')
                         .populate('proposer', resultSet)
                         .populate('userId')
                         .exec((err, items) => {
                           if (err) {
                             err.status = codes.servererror;
                             return next(err);
                             // with return before (or after) the next(err) we prevent that the code continues here
                             // after next(err) has finished. this saves an extra else {..}
                           }
                           let results = [];
                           if (req.query.fractFilter) {
                             for (let item of items) {
                               if (item.decorationId.fraction === req.query.fractFilter) {
                                 results.push(item);
                               }
                             }
                             res.locals.items = results;
                           } else {
                             res.locals.items = items;
                           }
                           res.locals.processed = true;
                           return next();
                         });

          const filter = {};
          if (req.query.userId) {
            filter.userId = req.query.userId;
          }
          if (req.query.inProgress === 'true') {
            filter.confirmed = 0;
          }
          if (req.query.squadId) {
            UserModel.find({squadId: req.query.squadId}, (err, users) => {
              const squadUserIds = users.map((user) => new mongoose.Types.ObjectId(user._id));
              filter.userId = {$in: squadUserIds};
              return listAwardsCall(filter);
            });
          } else {
            return listAwardsCall(filter);
          }
        })

        .post(apiAuthenticationMiddleware, checkHl, (req, res, next) => {
          const award = new AwardingModel(req.body);
          award.confirmed = 1;
          award.proposer = req.user._id;
          // timestamp and default are set automatically by Mongoose Schema Validation
          award.save((err) => {
            if (err) {
              err.status = codes.wrongrequest;
              err.message += ' in fields: ' + Object.getOwnPropertyNames(err.errors);
              return next(err);
            }
            res.status(codes.created);
            res.locals.items = award;
            next();
          });
        })

        .all(routerHandling.httpMethodNotAllowed);

awarding.route('/:id')
        .patch(apiAuthenticationMiddleware, checkHl, (req, res, next) => {
          if (!req.body || (req.body._id && req.body._id !== req.params.id)) {
            // little bit different as in PUT. :id does not need to be in data, but if the _id and url id must match
            const err = new Error('id of PATCH resource and send JSON body are not equal ' + req.params.id + ' ' +
              req.body._id);
            err.status = codes.notfound;
            next(err);
            return; // prevent node to process this function further after next() has finished.
          }

          req.body.updatedAt = new Date();
          req.body.$inc = {__v: 1};

          // PATCH is easier with mongoose than PUT. You simply update by all data that comes from outside. no need to
          // reset attributes that are missing.
          AwardingModel.findByIdAndUpdate(req.params.id, req.body, {new: true}, (err, item) => {
            if (err) {
              err.status = codes.wrongrequest;
            } else if (!item) {
              err = new Error('item not found');
              err.status = codes.notfound;
            } else {
              res.locals.items = item;
            }
            next(err);
          });
        })

        .delete(apiAuthenticationMiddleware, checkHl, (req, res, next) => {
          AwardingModel.findByIdAndRemove(req.params.id, (err, item) => {
            if (err) {
              err.status = codes.wrongrequest;
            } else if (!item) {
              err = new Error('item not found');
              err.status = codes.notfound;
            }
            // we don't set res.locals.items  and thus it will send a 204 (no content) at the end. see last handler
            // user.use(..)
            res.locals.processed = true;
            next(err); // this works because err is in normal case undefined and that is the same as no parameter
          });
        })

        .all(routerHandling.httpMethodNotAllowed);

// this middleware function can be used, if you like or remove it
// it looks for object(s) in res.locals.items and if they exist, they are send to the client as json
awarding.use(routerHandling.emptyResponse);


module.exports = awarding;