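// Package hr implements position-based permission assignment and the
// permission checks built on top of it.
//
// Every query in this file treats bit 524288 (1 << 19) of RecordStatus as the
// soft-delete flag: rows with the bit set are ignored, and removal sets the bit
// instead of deleting the row.
package hr

import (
	"errors"

	"WiiCITMS/models/hr"
	"WiiGenerates/WiiCITMS/generates/v1/go/types"
	"WiiGoLibrary/apply/middle/process/v1"
	"WiiGoLibrary/framework/db/v1/utils/mssql/unique"
	"WiiGoLibrary/framework/hub/v1/dblib"
)

// PositionPermissionRequest is the request body for granting a permission to a position.
type PositionPermissionRequest struct {
	PositionGuid   string `json:"positionGuid"`   // Position GUID.
	PermissionGuid string `json:"permissionGuid"` // Permission GUID.
	GrantType      int    `json:"grantType"`      // Grant type: 0 = direct grant, 1 = inherited grant.
}

// CheckPermissionRequest is the request body for a staff permission check.
type CheckPermissionRequest struct {
	StaffGuid        string `json:"staffGuid"`        // Staff GUID.
	PermissionID     int    `json:"permissionId"`     // Permission ID.
	OrganizationGuid string `json:"organizationGuid"` // Related organization GUID (optional).
}

// AssignPermissionToPosition grants a permission to a position.
//
// It rejects malformed GUIDs and out-of-range grant types with
// types.InvalidParamError, requires both the position and the permission to
// exist and not be soft-deleted, refuses a duplicate active relation, and then
// inserts the new relation row. On success it returns the created relation and
// process.Success(200).
//
// This function performs no caller authorization itself; whoever exposes it
// must check that the caller may change permission grants.
func AssignPermissionToPosition(params PositionPermissionRequest) (*hr.PositionPermissionModel, *process.Process) {
	// The relation stores GrantType as int16. Reject values that would be
	// silently truncated by the conversion instead of persisting a different
	// grant type than the one requested.
	// NOTE(review): the field comment documents only 0 and 1; if those are the
	// only valid values, tighten this to an allow-list.
	grantType := int16(params.GrantType)
	if int(grantType) != params.GrantType {
		return nil, process.FailError(types.InvalidParamError, errors.New("grantType is out of range"))
	}

	// Verify that the position exists.
	positionGuid, err := unique.FromString(params.PositionGuid)
	if err != nil {
		return nil, process.FailError(types.InvalidParamError, err)
	}

	position := &hr.PositionModel{}
	r := dblib.DBIns.DB.Where("RecordGuid = ? AND (RecordStatus & 524288) = 0", positionGuid).First(position)
	if r.Error != nil {
		return nil, process.FailError(types.PositionNotFoundError, r.Error)
	}

	// Verify that the permission exists.
	permissionGuid, err := unique.FromString(params.PermissionGuid)
	if err != nil {
		return nil, process.FailError(types.InvalidParamError, err)
	}

	permission := &hr.PermissionModel{}
	r = dblib.DBIns.DB.Where("RecordGuid = ? AND (RecordStatus & 524288) = 0", permissionGuid).First(permission)
	if r.Error != nil {
		return nil, process.FailError(types.PermissionNotFoundError, r.Error)
	}

	// Refuse to create a second active relation for the same pair.
	// NOTE(review): this count and the insert below are separate statements, so
	// two concurrent requests can both pass the check. Whether the table has a
	// unique constraint to back this up is not visible from this file.
	var count int64
	r = dblib.DBIns.DB.Model(&hr.PositionPermissionModel{}).
		Where("PositionGuid = ? AND PermissionGuid = ? AND (RecordStatus & 524288) = 0", positionGuid, permissionGuid).
		Count(&count)
	if r.Error != nil {
		return nil, process.FailError(types.QueryPermissionError, r.Error)
	}
	if count > 0 {
		return nil, process.FailError(types.DuplicatePermissionError, errors.New("该岗位已拥有此权限"))
	}

	// Build the position-permission relation from the rows just loaded, so the
	// numeric IDs come from the database and not from the request.
	relation := hr.PositionPermissionInstance()
	relation.PositionGuid = positionGuid
	relation.PermissionGuid = permissionGuid
	relation.PositionID = position.PositionID
	relation.PermissionID = permission.PermissionID
	relation.GrantType = grantType

	// Persist the relation.
	r = dblib.DBIns.DB.Create(relation)
	if r.Error != nil {
		return nil, process.FailError(types.CreatePermissionError, r.Error)
	}

	return relation, process.Success(200)
}

// RemovePermissionFromPosition revokes a permission from a position by
// soft-deleting the relation row identified by relationGuid.
//
// It returns types.InvalidParamError for a malformed GUID,
// types.PositionPermNotFoundError when no active relation matches, and
// process.Success(200) once the delete flag has been set.
func RemovePermissionFromPosition(relationGuid string) *process.Process {
	// Validate the relation ID.
	guid, err := unique.FromString(relationGuid)
	if err != nil {
		return process.FailError(types.InvalidParamError, err)
	}

	// Load the relation so that a missing or already removed row is reported.
	relation := &hr.PositionPermissionModel{}
	r := dblib.DBIns.DB.Where("RecordGuid = ? AND (RecordStatus & 524288) = 0", guid).First(relation)
	if r.Error != nil {
		return process.FailError(types.PositionPermNotFoundError, r.Error)
	}

	// Set the delete flag with raw SQL. Only the table name, which comes from
	// the hr package and not from the request, is concatenated; the GUID is
	// passed as a bound parameter.
	sql := "UPDATE " + hr.PositionPermissionTable + " SET RecordStatus = RecordStatus | 524288 WHERE RecordGuid = ?"
	r = dblib.DBIns.DB.Exec(sql, guid)
	if r.Error != nil {
		return process.FailError(types.DeletePermissionError, r.Error)
	}

	return process.Success(200)
}

// QueryPositionPermissions returns the active permissions granted to a position.
//
// The position must exist and not be soft-deleted; soft-deleted permissions and
// soft-deleted relations are excluded from the result.
func QueryPositionPermissions(positionGuid string) ([]*hr.PermissionModel, *process.Process) {
	// Validate the position ID.
	guid, err := unique.FromString(positionGuid)
	if err != nil {
		return nil, process.FailError(types.InvalidParamError, err)
	}

	// Make sure the position exists.
	position := &hr.PositionModel{}
	r := dblib.DBIns.DB.Where("RecordGuid = ? AND (RecordStatus & 524288) = 0", guid).First(position)
	if r.Error != nil {
		return nil, process.FailError(types.PositionNotFoundError, r.Error)
	}

	// Load the permissions reachable through active relations.
	result := make([]*hr.PermissionModel, 0)
	r = dblib.DBIns.DB.Table(hr.PermissionTable+" p").
		Select("p.*").
		Joins("JOIN "+hr.PositionPermissionTable+" pp ON p.RecordGuid = pp.PermissionGuid").
		Where("pp.PositionGuid = ? AND (p.RecordStatus & 524288) = 0 AND (pp.RecordStatus & 524288) = 0", guid).
		Find(&result)
	if r.Error != nil {
		return nil, process.FailError(types.QueryPermissionError, r.Error)
	}

	return result, process.Success(200)
}

// HasPermission reports whether a position holds the permission with the given ID.
//
// A relation counts only when neither the relation nor the permission it points
// to is soft-deleted. The permission table is joined for that reason: the
// listing functions in this file already hide soft-deleted permissions, and an
// access decision must not be more permissive than the listing.
//
// NOTE(review): the position row itself is not looked up here, so a relation
// that outlives a soft-deleted position still counts — confirm whether position
// removal also clears its relations.
func HasPermission(positionGuid string, permissionID int) (bool, *process.Process) {
	// Validate the position ID.
	guid, err := unique.FromString(positionGuid)
	if err != nil {
		return false, process.FailError(types.InvalidParamError, err)
	}

	// Count active relations to an active permission.
	var count int64
	r := dblib.DBIns.DB.Table(hr.PositionPermissionTable+" pp").
		Joins("JOIN "+hr.PermissionTable+" p ON p.RecordGuid = pp.PermissionGuid").
		Where("pp.PositionGuid = ? AND pp.PermissionID = ? AND (pp.RecordStatus & 524288) = 0 AND (p.RecordStatus & 524288) = 0", guid, permissionID).
		Count(&count)
	if r.Error != nil {
		return false, process.FailError(types.QueryPermissionError, r.Error)
	}

	// Any matching row means the permission is held. On a query error the
	// function has already returned false, so the check fails closed.
	return count > 0, process.Success(200)
}

// CheckStaffPermission reports whether a staff member holds a permission
// through any position they occupy.
//
// When params.OrganizationGuid is set, only positions held in that organization
// are considered. When it is empty, a matching position in ANY organization
// satisfies the check, so callers making an organization-scoped decision must
// pass the organization GUID.
//
// Soft-deleted relations, staff-to-organization rows, and permissions are
// ignored; the permission table is joined so that the check agrees with
// GetPermissionsByStaff.
func CheckStaffPermission(params CheckPermissionRequest) (bool, *process.Process) {
	// Validate the staff ID.
	staffGuid, err := unique.FromString(params.StaffGuid)
	if err != nil {
		return false, process.FailError(types.InvalidParamError, err)
	}

	// Build the base query: relation -> permission, relation -> staff position.
	query := dblib.DBIns.DB.Table(hr.PositionPermissionTable+" pp").
		Joins("JOIN "+hr.PermissionTable+" p ON p.RecordGuid = pp.PermissionGuid").
		Joins("JOIN "+hr.Staff2OrganizationTable+" so ON pp.PositionGuid = so.PositionGuid").
		Where("so.ObjectGuid = ? AND pp.PermissionID = ? AND (pp.RecordStatus & 524288) = 0 AND (so.RecordStatus & 524288) = 0 AND (p.RecordStatus & 524288) = 0", staffGuid, params.PermissionID)

	// Restrict to one organization when the caller supplied it. A malformed
	// GUID is rejected here so it can never widen the check to every organization.
	if params.OrganizationGuid != "" {
		orgGuid, err := unique.FromString(params.OrganizationGuid)
		if err != nil {
			return false, process.FailError(types.InvalidParamError, err)
		}
		query = query.Where("so.TargetGuid = ?", orgGuid)
	}

	// Run the query.
	var count int64
	r := query.Count(&count)
	if r.Error != nil {
		return false, process.FailError(types.QueryPermissionError, r.Error)
	}

	// Any matching row means the permission is held.
	return count > 0, process.Success(200)
}

// GetPermissionsByStaff returns every distinct active permission a staff member
// holds through their positions, across all organizations.
func GetPermissionsByStaff(staffGuid string) ([]*hr.PermissionModel, *process.Process) {
	// Validate the staff ID.
	guid, err := unique.FromString(staffGuid)
	if err != nil {
		return nil, process.FailError(types.InvalidParamError, err)
	}

	// Load all permissions reachable through active relations and active
	// staff-to-organization rows.
	result := make([]*hr.PermissionModel, 0)
	r := dblib.DBIns.DB.Table(hr.PermissionTable+" p").
		Select("DISTINCT p.*").
		Joins("JOIN "+hr.PositionPermissionTable+" pp ON p.RecordGuid = pp.PermissionGuid").
		Joins("JOIN "+hr.Staff2OrganizationTable+" so ON pp.PositionGuid = so.PositionGuid").
		Where("so.ObjectGuid = ? AND (p.RecordStatus & 524288) = 0 AND (pp.RecordStatus & 524288) = 0 AND (so.RecordStatus & 524288) = 0", guid).
		Find(&result)
	if r.Error != nil {
		return nil, process.FailError(types.QueryPermissionError, r.Error)
	}

	return result, process.Success(200)
}

// IsSystemAdmin reports whether a staff member holds hr.PermSystemAdmin.
//
// No organization is passed to CheckStaffPermission, so holding the permission
// through a position in any organization is enough.
func IsSystemAdmin(staffGuid string) (bool, *process.Process) {
	// The system administrator permission is checked without an organization scope.
	params := CheckPermissionRequest{
		StaffGuid:    staffGuid,
		PermissionID: hr.PermSystemAdmin,
	}
	return CheckStaffPermission(params)
}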