use actix_web::{HttpResponse, web};
use uuid::Uuid;

use crate::api::response::{ApiEmptyResponse, ApiErrorResponse};
use crate::error::AppError;
use crate::service::AppService;
use crate::session::Session;

#[utoipa::path(
    post,
    path = "/api/v1/workspaces/{workspace_name}/domains/{domain_id}/verify",
    tag = "Workspaces",
    operation_id = "workspaceVerifyDomain",
    summary = "Verify a domain",
    description = "Mark a domain as verified. Requires admin role.",
    params(
        ("workspace_name" = String, Path, description = "Workspace name."),
        ("domain_id" = Uuid, Path, description = "Domain record ID.")
    ),
    responses(
        (status = 200, description = "Domain verified.", body = ApiEmptyResponse),
        (status = 401, description = "Unauthenticated or insufficient role.", body = ApiErrorResponse),
        (status = 404, description = "Domain not found or already verified.", body = ApiErrorResponse),
        (status = 500, description = "Database transaction failed.", body = ApiErrorResponse)
    )
)]
pub async fn handle(
    service: web::Data<AppService>,
    session: Session,
    path: web::Path<(String, Uuid)>,
) -> Result<HttpResponse, AppError> {
    let (ws_name, domain_id) = path.into_inner();
    let ws = service.workspace.find_workspace_by_name(&ws_name).await?;
    service
        .workspace
        .workspace_verify_domain(&session, &ws, domain_id)
        .await?;
    Ok(HttpResponse::Ok().json(ApiEmptyResponse::ok("domain verified")))
}