package controllers

import (
	"net/http"

	"gemma.intevation.de/gemma/auth"

	"github.com/gorilla/mux"
)

func BindRoutes(m *mux.Router) {

	api := m.PathPrefix("/api").Subrouter()

	var (
		sysAdmin = auth.EnsureRole("sys_admin")
		all      = auth.EnsureRole("sys_admin", "waterway_admin", "waterway_user")
	)

	// User management.
	api.Handle("/users", all(&JSONHandler{
		Handle: listUsers,
	})).Methods(http.MethodGet)

	api.Handle("/users", sysAdmin(&JSONHandler{
		Input:  func() interface{} { return new(User) },
		Handle: createUser,
	})).Methods(http.MethodPost)

	api.Handle("/users/{user}", all(&JSONHandler{
		Handle: listUser,
	})).Methods(http.MethodGet)

	api.Handle("/users/{user}", all(&JSONHandler{
		Input:  func() interface{} { return new(User) },
		Handle: updateUser,
	})).Methods(http.MethodPut)

	api.Handle("/users/{user}", sysAdmin(&JSONHandler{
		Handle: deleteUser,
	})).Methods(http.MethodDelete)

	// Password resets.
	api.Handle("/users/passwordreset", &JSONHandler{
		Input:  func() interface{} { return new(PWResetUser) },
		Handle: passwordResetRequest,
	}).Methods(http.MethodPost)

	api.Handle("/users/passwordreset/{hash}", &JSONHandler{
		Handle: passwordReset,
	}).Methods(http.MethodGet)

	// Proxy for external WFSs.
	api.HandleFunc("/externalwfs/{wfs}", externalWFSProxy).
		Methods(
			http.MethodGet, http.MethodPost,
			http.MethodPut, http.MethodDelete)

	// Token handling: Login/Logout.
	api.HandleFunc("/login", login).
		Methods(http.MethodGet, http.MethodPost)
	api.Handle("/logout", auth.SessionMiddleware(http.HandlerFunc(logout))).
		Methods(http.MethodGet, http.MethodPost)
	api.Handle("/renew", auth.SessionMiddleware(http.HandlerFunc(renew))).
		Methods(http.MethodGet, http.MethodPost)
}