<?php
// Use absolute paths for model includes
require_once dirname(__DIR__) . '/models/TicketModel.php';
require_once dirname(__DIR__) . '/models/CommentModel.php';
require_once dirname(__DIR__) . '/models/AuditLogModel.php';
require_once dirname(__DIR__) . '/models/UserModel.php';
require_once dirname(__DIR__) . '/models/WorkflowModel.php';
require_once dirname(__DIR__) . '/models/TemplateModel.php';
require_once dirname(__DIR__) . '/helpers/UrlHelper.php';
require_once dirname(__DIR__) . '/helpers/NotificationHelper.php';

class TicketController {
    private $ticketModel;
    private $commentModel;
    private $auditLogModel;
    private $userModel;
    private $workflowModel;
    private $templateModel;
    private $conn;

    public function __construct($conn) {
        $this->conn = $conn;
        $this->ticketModel = new TicketModel($conn);
        $this->commentModel = new CommentModel($conn);
        $this->auditLogModel = new AuditLogModel($conn);
        $this->userModel = new UserModel($conn);
        $this->workflowModel = new WorkflowModel($conn);
        $this->templateModel = new TemplateModel($conn);
    }
    
    public function view($id) {
        // Get current user
        $currentUser = $GLOBALS['currentUser'] ?? null;
        $userId = $currentUser['user_id'] ?? null;

        // Get ticket data
        $ticket = $this->ticketModel->getTicketById($id);

        if (!$ticket) {
            header("HTTP/1.0 404 Not Found");
            echo "Ticket not found";
            return;
        }

        // Check visibility access — return 404 rather than 403 to avoid leaking ticket existence
        if (!$this->ticketModel->canUserAccessTicket($ticket, $currentUser)) {
            header("HTTP/1.0 404 Not Found");
            echo "Ticket not found";
            return;
        }

        // Get comments for this ticket using CommentModel
        $comments = $this->commentModel->getCommentsByTicketId($id);

        // Get timeline for this ticket
        $timeline = $this->auditLogModel->getTicketTimeline($id);

        // Get all users for assignment dropdown
        $allUsers = $this->userModel->getAllUsers();

        // Get allowed status transitions for this ticket
        $allowedTransitions = $this->workflowModel->getAllowedTransitions($ticket['status']);

        // Make $conn available to view for visibility groups
        $conn = $this->conn;

        // Load the view
        include dirname(__DIR__) . '/views/TicketView.php';
    }

    public function create() {
        // Get current user
        $currentUser = $GLOBALS['currentUser'] ?? null;
        $userId = $currentUser['user_id'] ?? null;

        // Check if form was submitted
        if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            // Handle visibility groups (comes as array from checkboxes)
            $visibilityGroups = null;
            if (isset($_POST['visibility_groups']) && is_array($_POST['visibility_groups'])) {
                $visibilityGroups = implode(',', array_map('trim', $_POST['visibility_groups']));
            }

            $ticketData = [
                'title' => $_POST['title'] ?? '',
                'description' => $_POST['description'] ?? '',
                'priority' => $_POST['priority'] ?? '4',
                'category' => $_POST['category'] ?? 'General',
                'type' => $_POST['type'] ?? 'Issue',
                'visibility' => $_POST['visibility'] ?? 'public',
                'visibility_groups' => $visibilityGroups,
                'assigned_to' => !empty($_POST['assigned_to']) ? $_POST['assigned_to'] : null
            ];

            // Validate input
            if (empty($ticketData['title'])) {
                $error = "Title is required";
                $templates = $this->templateModel->getAllTemplates();
                $allUsers = $this->userModel->getAllUsers();
                $conn = $this->conn; // Make $conn available to view
                include dirname(__DIR__) . '/views/CreateTicketView.php';
                return;
            }

            // Create ticket with user tracking
            $result = $this->ticketModel->createTicket($ticketData, $userId);

            if ($result['success']) {
                // Log ticket creation to audit log
                if (isset($GLOBALS['auditLog']) && $userId) {
                    $GLOBALS['auditLog']->logTicketCreate($userId, $result['ticket_id'], $ticketData);
                }

                // Send Matrix notification for new ticket
                NotificationHelper::sendTicketNotification($result['ticket_id'], $ticketData, 'manual');

                // Redirect to the new ticket
                header("Location: " . $GLOBALS['config']['BASE_URL'] . "/ticket/" . $result['ticket_id']);
                exit;
            } else {
                $error = $result['error'];
                $templates = $this->templateModel->getAllTemplates();
                $allUsers = $this->userModel->getAllUsers();
                $conn = $this->conn; // Make $conn available to view
                include dirname(__DIR__) . '/views/CreateTicketView.php';
                return;
            }
        } else {
            // Get all templates for the template selector
            $templates = $this->templateModel->getAllTemplates();
            // Get all users for assignment dropdown
            $allUsers = $this->userModel->getAllUsers();
            $conn = $this->conn; // Make $conn available to view

            // Display the create ticket form
            include dirname(__DIR__) . '/views/CreateTicketView.php';
        }
    }
    
    public function update($id) {
        // Get current user
        $currentUser = $GLOBALS['currentUser'] ?? null;
        $userId = $currentUser['user_id'] ?? null;

        // Check if this is an AJAX request
        if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            // For AJAX requests, get JSON data
            $input = file_get_contents('php://input');
            $data = json_decode($input, true);

            // Add ticket_id to the data
            $data['ticket_id'] = $id;

            // Validate input data
            if (empty($data['title'])) {
                header('Content-Type: application/json');
                echo json_encode([
                    'success' => false,
                    'error' => 'Title cannot be empty'
                ]);
                return;
            }

            // Update ticket with user tracking
            // Pass expected_updated_at for optimistic locking if provided
            $expectedUpdatedAt = $data['expected_updated_at'] ?? null;
            $result = $this->ticketModel->updateTicket($data, $userId, $expectedUpdatedAt);

            // Log ticket update to audit log
            if ($result['success'] && isset($GLOBALS['auditLog']) && $userId) {
                $GLOBALS['auditLog']->logTicketUpdate($userId, $id, $data);
            }

            // Return JSON response
            header('Content-Type: application/json');
            if ($result['success']) {
                echo json_encode([
                    'success' => true,
                    'status' => $data['status']
                ]);
            } else {
                $response = [
                    'success' => false,
                    'error' => $result['error'] ?? 'Failed to update ticket'
                ];
                if (!empty($result['conflict'])) {
                    $response['conflict'] = true;
                    $response['current_updated_at'] = $result['current_updated_at'] ?? null;
                }
                echo json_encode($response);
            }
        } else {
            // For direct access, redirect to view
            header("Location: " . $GLOBALS['config']['BASE_URL'] . "/ticket/$id");
            exit;
        }
    }
    
}
?>