package mail

import (
	"context"
	"encoding/json"
	"errors"
	"fmt"
	"log/slog"

	"github.com/jackc/pgx/v5"
	"github.com/jackc/pgx/v5/pgxpool"

	"github.com/ultisuite/ulti-backend/internal/api/query"
	"github.com/ultisuite/ulti-backend/internal/mail/credentials"
	"github.com/ultisuite/ulti-backend/internal/securityaudit"
)

var (
	ErrNotFound               = errors.New("not found")
	ErrUserNotProvisioned     = errors.New("user not provisioned")
	ErrAccountNotFound        = errors.New("account not found")
	ErrCredentialsUnavailable = errors.New("credentials encryption unavailable")
)

type Service struct {
	db          *pgxpool.Pool
	credentials *credentials.Manager
	audit       *securityaudit.Logger
	logger      *slog.Logger
}

func NewService(db *pgxpool.Pool, audit *securityaudit.Logger, credentialManager *credentials.Manager) *Service {
	return &Service{
		db:          db,
		credentials: credentialManager,
		audit:       audit,
		logger:      slog.Default().With("component", "mail-service"),
	}
}

func (s *Service) ResolveUserID(ctx context.Context, externalID string) (string, error) {
	var userID string
	err := s.db.QueryRow(ctx, `SELECT id FROM users WHERE external_id = $1`, externalID).Scan(&userID)
	if err != nil {
		if errors.Is(err, pgx.ErrNoRows) {
			return "", ErrUserNotProvisioned
		}
		return "", err
	}
	return userID, nil
}

type AccountsList struct {
	Accounts   []map[string]any     `json:"accounts"`
	Pagination query.PaginationMeta `json:"pagination,omitempty"`
}

func (s *Service) ListAccounts(ctx context.Context, externalID string, params query.ListParams) (AccountsList, error) {
	var total int64
	err := s.db.QueryRow(ctx, `
		SELECT COUNT(*) FROM mail_accounts
		WHERE user_id = (SELECT id FROM users WHERE external_id = $1)
	`, externalID).Scan(&total)
	if err != nil {
		return AccountsList{}, err
	}

	rows, err := s.db.Query(ctx, `
		SELECT id, name, email, provider, imap_host, smtp_host, is_active, last_sync_at, created_at
		FROM mail_accounts WHERE user_id = (SELECT id FROM users WHERE external_id = $1)
		ORDER BY created_at ASC
		LIMIT $2 OFFSET $3
	`, externalID, params.Limit(), params.Offset())
	if err != nil {
		return AccountsList{}, err
	}
	defer rows.Close()

	accounts := make([]map[string]any, 0)
	for rows.Next() {
		var id, name, email, provider, imapHost, smtpHost string
		var isActive bool
		var lastSync, createdAt any
		if err := rows.Scan(&id, &name, &email, &provider, &imapHost, &smtpHost, &isActive, &lastSync, &createdAt); err != nil {
			return AccountsList{}, err
		}
		accounts = append(accounts, map[string]any{
			"id": id, "name": name, "email": email, "provider": provider,
			"imap_host": imapHost, "smtp_host": smtpHost, "is_active": isActive,
			"last_sync_at": lastSync, "created_at": createdAt,
		})
	}
	if err := rows.Err(); err != nil {
		return AccountsList{}, err
	}

	return AccountsList{
		Accounts:   accounts,
		Pagination: params.Meta(&total),
	}, nil
}

func (s *Service) CreateAccount(ctx context.Context, externalID string, req *createAccountRequest) (string, error) {
	if s.credentials == nil {
		return "", ErrCredentialsUnavailable
	}
	creds, err := s.credentials.Encrypt(req.Username, req.Password)
	if err != nil {
		return "", err
	}

	var id string
	err = s.db.QueryRow(ctx, `
		INSERT INTO mail_accounts (user_id, name, email, provider, imap_host, imap_port, imap_tls, smtp_host, smtp_port, smtp_tls, credentials)
		VALUES ((SELECT id FROM users WHERE external_id = $1), $2, $3, $4, $5, $6, $7, $8, $9, $10, $11)
		RETURNING id
	`, externalID, req.Name, req.Email, req.Provider, req.IMAPHost, req.IMAPPort, req.IMAPTLS, req.SMTPHost, req.SMTPPort, req.SMTPTLS, creds).Scan(&id)
	if err != nil {
		return "", err
	}
	return id, nil
}

func (s *Service) GetAccount(ctx context.Context, externalID, accountID string) (map[string]any, error) {
	var id, name, email, provider string
	err := s.db.QueryRow(ctx, `
		SELECT id, name, email, provider FROM mail_accounts
		WHERE id = $1 AND user_id = (SELECT id FROM users WHERE external_id = $2)
	`, accountID, externalID).Scan(&id, &name, &email, &provider)
	if err != nil {
		if errors.Is(err, pgx.ErrNoRows) {
			return nil, ErrNotFound
		}
		return nil, err
	}
	return map[string]any{"id": id, "name": name, "email": email, "provider": provider}, nil
}

func (s *Service) DeleteAccount(ctx context.Context, externalID, accountID string) error {
	userID, err := s.ResolveUserID(ctx, externalID)
	if err != nil {
		return err
	}
	result, err := s.db.Exec(ctx, `DELETE FROM mail_accounts WHERE id = $1 AND user_id = $2`, accountID, userID)
	if err != nil {
		return err
	}
	if result.RowsAffected() == 0 {
		return ErrNotFound
	}
	if s.audit != nil {
		s.audit.Log(ctx, externalID, securityaudit.ActionCriticalDeletion, map[string]any{
			"target": "mail_account", "account_id": accountID,
		})
	}
	return nil
}

type MessageListFilter struct {
	Folder    string
	AccountID string
}

type MessagesList struct {
	Messages   []map[string]any     `json:"messages"`
	Page       int                  `json:"page"`
	Pagination query.PaginationMeta `json:"pagination,omitempty"`
}

func (s *Service) ListMessages(ctx context.Context, externalID string, filter MessageListFilter, params query.ListParams) (MessagesList, error) {
	baseQuery := `
		FROM messages m
		JOIN mail_accounts ma ON m.account_id = ma.id
		WHERE ma.user_id = (SELECT id FROM users WHERE external_id = $1)
	`
	args := []any{externalID}
	argIdx := 2

	if filter.AccountID != "" {
		baseQuery += fmt.Sprintf(" AND m.account_id = $%d", argIdx)
		args = append(args, filter.AccountID)
		argIdx++
	}
	if filter.Folder != "" {
		baseQuery += fmt.Sprintf(" AND m.folder_id = (SELECT id FROM mail_folders WHERE name = $%d AND account_id = m.account_id LIMIT 1)", argIdx)
		args = append(args, filter.Folder)
		argIdx++
	}

	var total int64
	countQuery := "SELECT COUNT(*) " + baseQuery
	if err := s.db.QueryRow(ctx, countQuery, args...).Scan(&total); err != nil {
		return MessagesList{}, err
	}

	listQuery := `
		SELECT m.id, m.subject, m.from_addr, m.to_addrs, m.date, m.snippet, m.flags, m.labels, m.has_attachments
	` + baseQuery + fmt.Sprintf(" ORDER BY m.date DESC LIMIT $%d OFFSET $%d", argIdx, argIdx+1)
	args = append(args, params.Limit(), params.Offset())

	rows, err := s.db.Query(ctx, listQuery, args...)
	if err != nil {
		return MessagesList{}, err
	}
	defer rows.Close()

	messages := make([]map[string]any, 0)
	for rows.Next() {
		var id, subject, snippet string
		var fromAddr, toAddrs []byte
		var date any
		var flags, labels []string
		var hasAttachments bool
		if err := rows.Scan(&id, &subject, &fromAddr, &toAddrs, &date, &snippet, &flags, &labels, &hasAttachments); err != nil {
			return MessagesList{}, err
		}
		messages = append(messages, map[string]any{
			"id": id, "subject": subject, "from": json.RawMessage(fromAddr),
			"to": json.RawMessage(toAddrs), "date": date, "snippet": snippet,
			"flags": flags, "labels": labels, "has_attachments": hasAttachments,
		})
	}
	if err := rows.Err(); err != nil {
		return MessagesList{}, err
	}

	return MessagesList{
		Messages:   messages,
		Page:       params.Page,
		Pagination: params.Meta(&total),
	}, nil
}

func (s *Service) GetMessage(ctx context.Context, externalID, messageID string) (map[string]any, error) {
	var msg struct {
		ID      string
		Subject string
		From    []byte
		To      []byte
		Cc      []byte
		Date    any
		Text    string
		HTML    string
		Flags   []string
		Labels  []string
	}
	err := s.db.QueryRow(ctx, `
		SELECT m.id, m.subject, m.from_addr, m.to_addrs, m.cc_addrs, m.date, m.body_text, m.body_html, m.flags, m.labels
		FROM messages m JOIN mail_accounts ma ON m.account_id = ma.id
		WHERE m.id = $1 AND ma.user_id = (SELECT id FROM users WHERE external_id = $2)
	`, messageID, externalID).Scan(&msg.ID, &msg.Subject, &msg.From, &msg.To, &msg.Cc, &msg.Date, &msg.Text, &msg.HTML, &msg.Flags, &msg.Labels)
	if err != nil {
		if errors.Is(err, pgx.ErrNoRows) {
			return nil, ErrNotFound
		}
		return nil, err
	}
	return map[string]any{
		"id": msg.ID, "subject": msg.Subject, "from": json.RawMessage(msg.From),
		"to": json.RawMessage(msg.To), "cc": json.RawMessage(msg.Cc),
		"date": msg.Date, "body_text": msg.Text, "body_html": msg.HTML,
		"flags": msg.Flags, "labels": msg.Labels,
	}, nil
}

func (s *Service) UpdateLabels(ctx context.Context, userID, messageID string, labels []string) error {
	result, err := s.db.Exec(ctx, `
		UPDATE messages
		SET labels = $1, updated_at = NOW()
		WHERE id = $2
		  AND account_id IN (SELECT id FROM mail_accounts WHERE user_id = $3)
	`, labels, messageID, userID)
	if err != nil {
		return err
	}
	if result.RowsAffected() == 0 {
		return ErrNotFound
	}
	return nil
}

func (s *Service) UpdateFlags(ctx context.Context, userID, messageID string, flags []string) error {
	result, err := s.db.Exec(ctx, `
		UPDATE messages
		SET flags = $1, updated_at = NOW()
		WHERE id = $2
		  AND account_id IN (SELECT id FROM mail_accounts WHERE user_id = $3)
	`, flags, messageID, userID)
	if err != nil {
		return err
	}
	if result.RowsAffected() == 0 {
		return ErrNotFound
	}
	return nil
}

func (s *Service) DeleteMessage(ctx context.Context, externalID, userID, messageID string) error {
	result, err := s.db.Exec(ctx, `
		DELETE FROM messages
		WHERE id = $1
		  AND account_id IN (SELECT id FROM mail_accounts WHERE user_id = $2)
	`, messageID, userID)
	if err != nil {
		return err
	}
	if result.RowsAffected() == 0 {
		return ErrNotFound
	}
	if s.audit != nil {
		s.audit.Log(ctx, externalID, securityaudit.ActionCriticalDeletion, map[string]any{
			"target": "message", "message_id": messageID,
		})
	}
	return nil
}

func (s *Service) GetThread(ctx context.Context, externalID, threadID string) (map[string]any, error) {
	rows, err := s.db.Query(ctx, `
		SELECT m.id, m.subject, m.from_addr, m.date, m.snippet, m.flags
		FROM messages m JOIN mail_accounts ma ON m.account_id = ma.id
		WHERE m.thread_id = $1 AND ma.user_id = (SELECT id FROM users WHERE external_id = $2)
		ORDER BY m.date ASC
	`, threadID, externalID)
	if err != nil {
		return nil, err
	}
	defer rows.Close()

	messages := make([]map[string]any, 0)
	for rows.Next() {
		var id, subject, snippet string
		var from []byte
		var date any
		var flags []string
		if err := rows.Scan(&id, &subject, &from, &date, &snippet, &flags); err != nil {
			return nil, err
		}
		messages = append(messages, map[string]any{
			"id": id, "subject": subject, "from": json.RawMessage(from),
			"date": date, "snippet": snippet, "flags": flags,
		})
	}
	if err := rows.Err(); err != nil {
		return nil, err
	}
	return map[string]any{"thread_id": threadID, "messages": messages}, nil
}

func (s *Service) SendMessage(ctx context.Context, userID string, req *sendMessageRequest) (id, status string, err error) {
	toJSON, _ := json.Marshal(req.To)
	ccJSON, _ := json.Marshal(req.Cc)
	bccJSON, _ := json.Marshal(req.Bcc)

	status = "queued"
	if req.ScheduleAt != nil {
		status = "scheduled"
	}

	err = s.db.QueryRow(ctx, `
		INSERT INTO outbox (user_id, account_id, to_addrs, cc_addrs, bcc_addrs, subject, body_text, body_html, in_reply_to, status, scheduled_at)
		SELECT $1, ma.id, $3, $4, $5, $6, $7, $8, $9, $10, $11
		FROM mail_accounts ma
		WHERE ma.id = $2 AND ma.user_id = $1
		RETURNING id
	`, userID, req.AccountID, toJSON, ccJSON, bccJSON, req.Subject, req.BodyText, req.BodyHTML, req.InReplyTo, status, req.ScheduleAt).Scan(&id)
	if err != nil {
		if errors.Is(err, pgx.ErrNoRows) {
			return "", "", ErrAccountNotFound
		}
		return "", "", err
	}
	return id, status, nil
}

type RulesList struct {
	Rules      []map[string]any     `json:"rules"`
	Pagination query.PaginationMeta `json:"pagination,omitempty"`
}

func (s *Service) ListRules(ctx context.Context, externalID string, params query.ListParams) (RulesList, error) {
	var total int64
	err := s.db.QueryRow(ctx, `
		SELECT COUNT(*) FROM mail_rules WHERE user_id = (SELECT id FROM users WHERE external_id = $1)
	`, externalID).Scan(&total)
	if err != nil {
		return RulesList{}, err
	}

	rows, err := s.db.Query(ctx, `
		SELECT id, name, priority, conditions, actions, is_active, match_count
		FROM mail_rules WHERE user_id = (SELECT id FROM users WHERE external_id = $1)
		ORDER BY priority ASC
		LIMIT $2 OFFSET $3
	`, externalID, params.Limit(), params.Offset())
	if err != nil {
		return RulesList{}, err
	}
	defer rows.Close()

	rules := make([]map[string]any, 0)
	for rows.Next() {
		var id, name string
		var priority int
		var conditions, actions []byte
		var isActive bool
		var matchCount int64
		if err := rows.Scan(&id, &name, &priority, &conditions, &actions, &isActive, &matchCount); err != nil {
			return RulesList{}, err
		}
		rules = append(rules, map[string]any{
			"id": id, "name": name, "priority": priority,
			"conditions": json.RawMessage(conditions), "actions": json.RawMessage(actions),
			"is_active": isActive, "match_count": matchCount,
		})
	}
	if err := rows.Err(); err != nil {
		return RulesList{}, err
	}

	return RulesList{
		Rules:      rules,
		Pagination: params.Meta(&total),
	}, nil
}

func (s *Service) CreateRule(ctx context.Context, userID string, req *createRuleRequest) (string, error) {
	condJSON, _ := json.Marshal(req.Conditions)
	actJSON, _ := json.Marshal(req.Actions)

	if req.AccountID != "" {
		var exists bool
		err := s.db.QueryRow(ctx, `
			SELECT EXISTS(SELECT 1 FROM mail_accounts WHERE id = $1 AND user_id = $2)
		`, req.AccountID, userID).Scan(&exists)
		if err != nil {
			return "", err
		}
		if !exists {
			return "", ErrAccountNotFound
		}
	}

	var id string
	err := s.db.QueryRow(ctx, `
		INSERT INTO mail_rules (user_id, account_id, name, priority, conditions, actions)
		VALUES ($1, $2, $3, $4, $5, $6)
		RETURNING id
	`, userID, nilIfEmpty(req.AccountID), req.Name, req.Priority, condJSON, actJSON).Scan(&id)
	if err != nil {
		return "", err
	}
	return id, nil
}

func (s *Service) UpdateRule(ctx context.Context, userID, ruleID string, req *updateRuleRequest) error {
	condJSON, _ := json.Marshal(req.Conditions)
	actJSON, _ := json.Marshal(req.Actions)

	result, err := s.db.Exec(ctx, `
		UPDATE mail_rules SET name=$1, priority=$2, is_active=$3, conditions=$4, actions=$5, updated_at=NOW()
		WHERE id=$6 AND user_id=$7
	`, req.Name, req.Priority, req.IsActive, condJSON, actJSON, ruleID, userID)
	if err != nil {
		return err
	}
	if result.RowsAffected() == 0 {
		return ErrNotFound
	}
	return nil
}

func (s *Service) DeleteRule(ctx context.Context, externalID, userID, ruleID string) error {
	result, err := s.db.Exec(ctx, `DELETE FROM mail_rules WHERE id = $1 AND user_id = $2`, ruleID, userID)
	if err != nil {
		return err
	}
	if result.RowsAffected() == 0 {
		return ErrNotFound
	}
	if s.audit != nil {
		s.audit.Log(ctx, externalID, securityaudit.ActionCriticalDeletion, map[string]any{
			"target": "mail_rule", "rule_id": ruleID,
		})
	}
	return nil
}

type WebhooksList struct {
	Webhooks   []map[string]any     `json:"webhooks"`
	Pagination query.PaginationMeta `json:"pagination,omitempty"`
}

func (s *Service) ListWebhooks(ctx context.Context, externalID string, params query.ListParams) (WebhooksList, error) {
	var total int64
	err := s.db.QueryRow(ctx, `
		SELECT COUNT(*) FROM webhook_templates
		WHERE user_id = (SELECT id FROM users WHERE external_id = $1)
	`, externalID).Scan(&total)
	if err != nil {
		return WebhooksList{}, err
	}

	rows, err := s.db.Query(ctx, `
		SELECT id, name, url, method, is_active FROM webhook_templates
		WHERE user_id = (SELECT id FROM users WHERE external_id = $1)
		ORDER BY created_at ASC
		LIMIT $2 OFFSET $3
	`, externalID, params.Limit(), params.Offset())
	if err != nil {
		return WebhooksList{}, err
	}
	defer rows.Close()

	webhooks := make([]map[string]any, 0)
	for rows.Next() {
		var id, name, url, method string
		var isActive bool
		if err := rows.Scan(&id, &name, &url, &method, &isActive); err != nil {
			return WebhooksList{}, err
		}
		webhooks = append(webhooks, map[string]any{
			"id": id, "name": name, "url": url, "method": method, "is_active": isActive,
		})
	}
	if err := rows.Err(); err != nil {
		return WebhooksList{}, err
	}

	return WebhooksList{
		Webhooks:   webhooks,
		Pagination: params.Meta(&total),
	}, nil
}

func (s *Service) CreateWebhook(ctx context.Context, externalID string, req *createWebhookRequest, method string) (string, error) {
	headersJSON, _ := json.Marshal(req.Headers)

	var id string
	err := s.db.QueryRow(ctx, `
		INSERT INTO webhook_templates (user_id, name, url, method, headers, body_template)
		VALUES ((SELECT id FROM users WHERE external_id = $1), $2, $3, $4, $5, $6)
		RETURNING id
	`, externalID, req.Name, req.URL, method, headersJSON, req.BodyTemplate).Scan(&id)
	if err != nil {
		return "", err
	}
	return id, nil
}

func (s *Service) DeleteWebhook(ctx context.Context, externalID, userID, webhookID string) error {
	result, err := s.db.Exec(ctx, `DELETE FROM webhook_templates WHERE id = $1 AND user_id = $2`, webhookID, userID)
	if err != nil {
		return err
	}
	if result.RowsAffected() == 0 {
		return ErrNotFound
	}
	if s.audit != nil {
		s.audit.Log(ctx, externalID, securityaudit.ActionCriticalDeletion, map[string]any{
			"target": "webhook_template", "webhook_id": webhookID,
		})
	}
	return nil
}

func nilIfEmpty(s string) any {
	if s == "" {
		return nil
	}
	return s
}