use actix_web::{web, HttpResponse};
use serde::Deserialize;
use utoipa::IntoParams;

use crate::api::response::{ApiResponse, ApiErrorResponse};
use crate::error::AppError;
use crate::models::repos::RepoMember;
use crate::service::repo::members::UpdateRepoMemberRoleParams;
use crate::service::AppService;
use crate::session::Session;

#[derive(Debug, Deserialize, IntoParams)]
pub struct PathParams {
    /// Workspace name (unique identifier)
    pub workspace_name: String,
    /// Repository name (unique within the workspace)
    pub repo_name: String,
    /// Member ID (UUID)
    pub member_id: uuid::Uuid,
}

/// Update a member's role in a repository
///
/// Changes the access level of an existing repository member.
/// Requires Admin role or higher in the repository.
/// 
/// Role restrictions:
/// - Cannot change the owner's role (use transfer_owner instead)
/// - Cannot assign "owner" role (use transfer_owner instead)
/// - Can only assign roles equal to or lower than your own
/// - Valid roles: "read", "write", "admin"
/// 
/// Returns the updated member record with new role information.
#[utoipa::path(
    put,
    path = "/api/v1/workspaces/{workspace_name}/repos/{repo_name}/members/{member_id}/role",
    tag = "Repos",
    operation_id = "repoUpdateMemberRole",
    params(PathParams),
    request_body(
        content = UpdateRepoMemberRoleParams,
        description = "Role update parameters",
        content_type = "application/json"
    ),
    responses(
        (status = 200, description = "Member role updated successfully. Returns the updated member record with new role.", body = ApiResponse<RepoMember>),
        (status = 400, description = "Invalid parameters: invalid role or attempting to change owner role", body = ApiErrorResponse),
        (status = 401, description = "Authentication required or session expired", body = ApiErrorResponse),
        (status = 403, description = "Insufficient permissions (requires Admin role or higher)", body = ApiErrorResponse),
        (status = 404, description = "Repository, workspace, or member not found", body = ApiErrorResponse),
        (status = 500, description = "Internal server error", body = ApiErrorResponse),
    ),
    security(
        ("session_cookie" = [])
    )
)]
pub async fn update_member_role(
    service: web::Data<AppService>,
    session: Session,
    path: web::Path<PathParams>,
    params: web::Json<UpdateRepoMemberRoleParams>,
) -> Result<HttpResponse, AppError> {
    let member = service
        .repo
        .repo_update_member_role(
            &session,
            &path.workspace_name,
            &path.repo_name,
            path.member_id,
            params.into_inner(),
        )
        .await?;

    Ok(HttpResponse::Ok().json(ApiResponse::new(member)))
}