import { NextResponse } from 'next/server'
import { getSession } from '@/lib/auth'
import { prisma } from '@/lib/db'
import { queryGameDb, getGameDbConfig } from '@/lib/game-db'
import { queryJobPanelDb, initializeJobPanelDatabase } from '@/lib/job-panel-db'

export async function GET() {
  try {
    const session = await getSession()
    if (!session) {
      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
    }

    // Get user's group and permissions
    let userPermissions: string[] = []
    let userGroup: any = null
    
    try {
      const membership = await prisma.$queryRaw`
        SELECT ugm.groupId, ug.name, ug.displayName, ug.color, ug.permissions
        FROM user_group_members ugm
        JOIN user_groups ug ON ugm.groupId = ug.id
        WHERE ugm.userId = ${session.userId}
        LIMIT 1
      ` as any[]
      
      if (membership.length > 0) {
        userGroup = {
          id: membership[0].groupId,
          name: membership[0].name,
          displayName: membership[0].displayName,
          color: membership[0].color,
        }
        userPermissions = typeof membership[0].permissions === 'string' 
          ? JSON.parse(membership[0].permissions) 
          : (membership[0].permissions || [])
      }
    } catch (e) {
      // Table may not exist yet
    }

    // Superadmins have all permissions
    const isSuperAdmin = session.role === 'SUPERADMIN'
    const canViewAllPanels = isSuperAdmin || userPermissions.includes('job_panels.view_all')

    // Get user's character jobs from game database
    let characterJobs: string[] = []
    
    if (!canViewAllPanels) {
      try {
        const config = await getGameDbConfig()
        if (config) {
          // Get all characters for this user by discord ID
          // Try both ESX and QBCore patterns
          let charResults: any[] = []
          
          if (config.framework === 'QBCORE') {
            charResults = await queryGameDb(`
              SELECT job FROM players 
              WHERE JSON_EXTRACT(charinfo, '$.discord') = ? 
              OR discord = ?
            `, [session.discordId, session.discordId])
          } else {
            charResults = await queryGameDb(`
              SELECT job FROM users 
              WHERE identifier LIKE ?
            `, [`%${session.discordId}%`])
          }
          
          characterJobs = charResults.map((c: any) => {
            if (typeof c.job === 'string') {
              try {
                const jobData = JSON.parse(c.job)
                return jobData.name || jobData
              } catch {
                return c.job
              }
            }
            return c.job?.name || c.job
          }).filter(Boolean)
        }
      } catch (e) {
        console.error('[API] Failed to fetch character jobs:', e)
      }
    }

    // Get available job panels from job panel database
    let availablePanels: any[] = []
    try {
      await initializeJobPanelDatabase()
      const panels = await queryJobPanelDb<any[]>(
        'SELECT id, job_name, job_label, panel_name, icon, is_active FROM job_panels WHERE is_active = 1'
      )
      
      availablePanels = panels.filter(panel => {
        if (canViewAllPanels) return true
        return characterJobs.includes(panel.job_name)
      }).map(panel => ({
        id: panel.id,
        jobName: panel.job_name,
        jobLabel: panel.job_label,
        panelName: panel.panel_name,
        icon: panel.icon,
      }))
    } catch (e) {
      // Table may not exist or job panel db not configured
      console.error('[API] Failed to fetch available panels:', e)
    }

    return NextResponse.json({
      permissions: userPermissions,
      group: userGroup,
      isSuperAdmin,
      canViewAllPanels,
      characterJobs,
      availablePanels,
    })
  } catch (error) {
    console.error('[API] Failed to fetch user permissions:', error)
    return NextResponse.json({ error: 'Failed to fetch permissions' }, { status: 500 })
  }
}