<?php

declare(strict_types=1);

namespace App\Controllers\Admin;

use App\Services\ApiClient;
use CodeIgniter\HTTP\ResponseInterface;

/**
 * Master perusahaan — memanggil `/api/admin/company/*`.
 */
class Company extends BaseAdminController
{
    public function kantor(): ResponseInterface|string
    {
        if (($deny = $this->enforceAccess('perusahaan')) !== null) {
            return $deny;
        }

        return $this->loadExtra('company/kantor', 'admin/perusahaan/kantor');
    }

    public function kantorSave(): ResponseInterface
    {
        if (($deny = $this->enforceAccess('perusahaan')) !== null) {
            return $deny;
        }

        return $this->postExtra('company/kantor/save', 'admin/perusahaan/kantor');
    }

    public function kantorDelete(int $id): ResponseInterface
    {
        if (($deny = $this->enforceAccess('perusahaan')) !== null) {
            return $deny;
        }

        return $this->postExtra('company/kantor/delete/' . $id, 'admin/perusahaan/kantor', []);
    }

    public function unitKerja(): ResponseInterface|string
    {
        if (($deny = $this->enforceAccess('perusahaan')) !== null) {
            return $deny;
        }

        return $this->loadExtra('company/unit_kerja', 'admin/perusahaan/unit_kerja');
    }

    public function unitKerjaSave(): ResponseInterface
    {
        if (($deny = $this->enforceAccess('perusahaan')) !== null) {
            return $deny;
        }

        return $this->postExtra('company/unit_kerja/save', 'admin/perusahaan/unit_kerja');
    }

    public function unitKerjaDelete(int $id): ResponseInterface
    {
        if (($deny = $this->enforceAccess('perusahaan')) !== null) {
            return $deny;
        }

        return $this->postExtra('company/unit_kerja/delete/' . $id, 'admin/perusahaan/unit_kerja', []);
    }

    public function golongan(): ResponseInterface|string
    {
        if (($deny = $this->enforceAccess('perusahaan')) !== null) {
            return $deny;
        }

        return $this->loadExtra('company/golongan', 'admin/perusahaan/golongan');
    }

    public function golonganSave(): ResponseInterface
    {
        if (($deny = $this->enforceAccess('perusahaan')) !== null) {
            return $deny;
        }

        return $this->postExtra('company/golongan/save', 'admin/perusahaan/golongan');
    }

    public function golonganDelete(int $id): ResponseInterface
    {
        if (($deny = $this->enforceAccess('perusahaan')) !== null) {
            return $deny;
        }

        return $this->postExtra('company/golongan/delete/' . $id, 'admin/perusahaan/golongan', []);
    }

    public function jabatan(): ResponseInterface|string
    {
        if (($deny = $this->enforceAccess('perusahaan')) !== null) {
            return $deny;
        }

        return $this->loadExtra('company/jabatan', 'admin/perusahaan/jabatan');
    }

    public function jabatanSave(): ResponseInterface
    {
        if (($deny = $this->enforceAccess('perusahaan')) !== null) {
            return $deny;
        }

        return $this->postExtra('company/jabatan/save', 'admin/perusahaan/jabatan');
    }

    public function jabatanDelete(int $id): ResponseInterface
    {
        if (($deny = $this->enforceAccess('perusahaan')) !== null) {
            return $deny;
        }

        return $this->postExtra('company/jabatan/delete/' . $id, 'admin/perusahaan/jabatan', []);
    }

    public function berita(): ResponseInterface|string
    {
        if (($deny = $this->enforceAccess('perusahaan')) !== null) {
            return $deny;
        }

        return $this->loadExtra('company/berita', 'admin/perusahaan/berita');
    }

    public function beritaSave(): ResponseInterface
    {
        if (($deny = $this->enforceAccess('perusahaan')) !== null) {
            return $deny;
        }

        $post     = $this->request->getPost() ?? [];
        $existing = (string) ($this->request->getPost('photo_existing') ?? '');
        if (($err = $this->mergeBeritaPhotoIntoPost($post, $existing)) !== null) {
            return redirect()->to(site_url('admin/perusahaan/berita'))->with('error', $err);
        }
        unset($post['photo_existing']);

        $r = $this->apiAdminPost('company/berita/save', $post);
        if ($r['transport_ok'] && ApiClient::isSuccess($r['json'])) {
            return redirect()->to(site_url('admin/perusahaan/berita'))->with('message', (string) ($r['json']['pesan'] ?? 'OK'));
        }
        $msg = $r['error'] ?? (is_array($r['json']) ? (string) ($r['json']['pesan'] ?? 'Gagal') : 'Gagal');

        return redirect()->to(site_url('admin/perusahaan/berita'))->with('error', $msg);
    }

    public function beritaDelete(int $id): ResponseInterface
    {
        if (($deny = $this->enforceAccess('perusahaan')) !== null) {
            return $deny;
        }

        return $this->postExtra('company/berita/delete/' . $id, 'admin/perusahaan/berita', []);
    }

    private function loadExtra(string $apiPath, string $view): string
    {
        $errors = [];
        $data   = null;
        $r      = $this->apiAdminGet($apiPath);
        if ($r['transport_ok'] && ApiClient::isSuccess($r['json'])) {
            $data = $r['json']['data'] ?? null;
        } else {
            $errors[] = $r['error'] ?? (is_array($r['json']) ? (string) ($r['json']['pesan'] ?? 'Gagal memuat data') : 'Gagal memuat data');
        }

        return view($view, [
            'payload' => is_array($data) ? $data : null,
            'errors'  => $errors,
        ]);
    }

    private function postExtra(string $apiPath, string $redirectUri, ?array $mergePost = null): ResponseInterface
    {
        $post = array_merge($this->request->getPost(), $mergePost ?? []);
        $r    = $this->apiAdminPost($apiPath, $post);
        if ($r['transport_ok'] && ApiClient::isSuccess($r['json'])) {
            return redirect()->to(site_url($redirectUri))->with('message', (string) ($r['json']['pesan'] ?? 'OK'));
        }
        $msg = $r['error'] ?? (is_array($r['json']) ? (string) ($r['json']['pesan'] ?? 'Gagal') : 'Gagal');

        return redirect()->to(site_url($redirectUri))->with('error', $msg);
    }

    /**
     * Selaras CI3: `assets/uploads/berita/`.
     */
    private function beritaPhotoUploadDir(): string
    {
        $base = FCPATH . 'assets' . DIRECTORY_SEPARATOR . 'uploads' . DIRECTORY_SEPARATOR . 'berita';
        if (! is_dir($base)) {
            mkdir($base, 0755, true);
        }

        return $base;
    }

    /**
     * Unggah ke folder berita atau nama file manual. Kolom DB kosong di API disimpan sebagai '-'.
     *
     * @param array<string, mixed> $post
     *
     * @return string|null pesan error, atau null jika OK
     */
    private function mergeBeritaPhotoIntoPost(array &$post, string $photoExistingFromDb): ?string
    {
        $file = $this->request->getFile('photo_file');
        if ($file !== null && $file->getError() !== UPLOAD_ERR_NO_FILE) {
            if (! $file->isValid()) {
                return 'Unggah foto tidak valid.';
            }
            $mime = (string) $file->getMimeType();
            $allowedMime = ['image/jpeg', 'image/png', 'image/gif', 'image/webp'];
            if (! in_array($mime, $allowedMime, true)) {
                return 'Format foto harus JPG, PNG, GIF, atau WebP.';
            }
            if ($file->getSize() > 2_097_152) {
                return 'Ukuran foto maksimal 2 MB.';
            }
            $ext = strtolower((string) ($file->guessExtension() ?: $file->getClientExtension()));
            if (! in_array($ext, ['jpg', 'jpeg', 'png', 'gif', 'webp'], true)) {
                return 'Ekstensi foto tidak didukung.';
            }
            $dir = $this->beritaPhotoUploadDir();
            $rawName      = pathinfo($file->getClientName(), PATHINFO_FILENAME);
            $safeOriginal = preg_replace('/[^A-Za-z0-9._-]+/', '_', (string) $rawName) ?: 'berita';
            $safeOriginal = substr($safeOriginal, 0, 80);
            $filename     = uniqid((string) mt_rand(), true) . '-' . $safeOriginal . '.' . $ext;

            if (! $file->move($dir, $filename, true)) {
                return 'Gagal menyimpan file foto ke server.';
            }

            $old = trim($photoExistingFromDb);
            if ($old !== '' && $old !== '-' && $old !== $filename) {
                $oldPath = $dir . DIRECTORY_SEPARATOR . basename(str_replace('\\', '/', $old));
                if (is_file($oldPath)) {
                    @unlink($oldPath);
                }
            }
            $post['photo'] = $filename;

            return null;
        }

        $manual = isset($post['photo']) ? trim((string) $post['photo']) : '';
        if ($manual === '' || $manual === '-') {
            $post['photo'] = '';

            return null;
        }
        $base = basename(str_replace('\\', '/', $manual));
        if (! preg_match('/^[A-Za-z0-9._-]+$/', $base)) {
            return 'Nama file foto hanya boleh huruf, angka, titik, garis bawah, dan tanda hubung (atau unggah file).';
        }
        $post['photo'] = substr($base, 0, 255);

        return null;
    }
}