<?php

namespace Controllers;

use Libs\ResponseLib;
use Models\CprMonitoringModel;
use Psr\Http\Message\ServerRequestInterface;
use Respect\Validation\Exceptions\ValidationException;
use Respect\Validation\Validator as val;

class OrderbookCprMonitoringListController
{
    private \PDO $pdo;
    private CprMonitoringModel $monitoringModel;

    public function __construct()
    {
        if (!isset($GLOBALS['pdo']) || !$GLOBALS['pdo'] instanceof \PDO) {
            throw new \RuntimeException('Global PDO connection not initialized');
        }

        $this->pdo = $GLOBALS['pdo'];
        $this->monitoringModel = new CprMonitoringModel();
    }

    public function __invoke(ServerRequestInterface $request)
    {
        $userId = (int)($request->getAttribute('api_user_id') ?? 0);
        $companyId = (int)($request->getAttribute('api_company_id') ?? 0);

        if ($userId <= 0 || $companyId <= 0) {
            return ResponseLib::sendFail('Unauthorized', [], 'E_VALIDATE')->withStatus(401);
        }

        $body = json_decode((string)$request->getBody(), true) ?? [];

        try {
            val::key('orderbook_id', val::intType()->positive())
                ->assert($body);
        } catch (ValidationException $e) {
            return ResponseLib::sendFail('Validation failed: ' . $e->getFullMessage(), [], 'E_VALIDATE')->withStatus(400);
        }

        $orderbookId = (int)$body['orderbook_id'];

        try {
            $stmt = $this->pdo->prepare(
                'SELECT
                    t.cpr_id,
                    w.company_id AS wallet_company_id
                 FROM "orderbook" o
                 LEFT JOIN "token" t ON t.token_id = o.token_id
                 LEFT JOIN "wallet" w ON w.wallet_id = o.wallet_id
                 WHERE o.orderbook_id = :orderbook_id
                 LIMIT 1'
            );
            $stmt->execute(['orderbook_id' => $orderbookId]);
            $row = $stmt->fetch(\PDO::FETCH_ASSOC) ?: null;

            $cprId = (int)($row['cpr_id'] ?? 0);
            $walletCompanyId = (int)($row['wallet_company_id'] ?? 0);

            if ($cprId <= 0) {
                return ResponseLib::sendFail('CPR not found for orderbook', ['orderbook_id' => $orderbookId], 'E_NOT_FOUND')->withStatus(404);
            }

            if ($walletCompanyId <= 0) {
                return ResponseLib::sendFail('Wallet not found for orderbook', ['orderbook_id' => $orderbookId], 'E_NOT_FOUND')->withStatus(404);
            }

            if ($companyId !== 1 && $walletCompanyId !== $companyId) {
                return ResponseLib::sendFail('Forbidden', [], 'E_FORBIDDEN')->withStatus(403);
            }

            $rows = $this->monitoringModel->listByCprId($cprId);

        } catch (\Throwable $e) {
            return ResponseLib::sendFail('Failed to list cpr monitoring: ' . $e->getMessage(), [], 'E_DATABASE')->withStatus(500);
        }

        return $rows
            ? ResponseLib::sendOk($rows)
            : ResponseLib::sendFail('Cpr monitoring not found', [], 'E_DATABASE')->withStatus(204);
    }
}