from fastapi import APIRouter, Depends, Query
from typing import Optional

from auth.models import TokenPayload
from auth.dependencies import require_permission
from crm.models import OrderCreate, OrderUpdate, OrderInDB, OrderListResponse
from crm import service

router = APIRouter(prefix="/api/crm/orders", tags=["crm-orders"])


@router.get("", response_model=OrderListResponse)
def list_orders(
    customer_id: Optional[str] = Query(None),
    status: Optional[str] = Query(None),
    payment_status: Optional[str] = Query(None),
    _user: TokenPayload = Depends(require_permission("crm", "view")),
):
    orders = service.list_orders(
        customer_id=customer_id,
        status=status,
        payment_status=payment_status,
    )
    return OrderListResponse(orders=orders, total=len(orders))


@router.get("/{order_id}", response_model=OrderInDB)
def get_order(
    order_id: str,
    _user: TokenPayload = Depends(require_permission("crm", "view")),
):
    return service.get_order(order_id)


@router.post("", response_model=OrderInDB, status_code=201)
def create_order(
    body: OrderCreate,
    _user: TokenPayload = Depends(require_permission("crm", "edit")),
):
    return service.create_order(body)


@router.put("/{order_id}", response_model=OrderInDB)
def update_order(
    order_id: str,
    body: OrderUpdate,
    _user: TokenPayload = Depends(require_permission("crm", "edit")),
):
    return service.update_order(order_id, body)


@router.delete("/{order_id}", status_code=204)
def delete_order(
    order_id: str,
    _user: TokenPayload = Depends(require_permission("crm", "edit")),
):
    service.delete_order(order_id)