#!/usr/bin/env python3
"""CLI lifecycle conturi ROAAUTO (admin gateway).

Onboardeaza/activeaza un client fara INSERT SQL manual, simetric cu
`tools/apikey.py`. Adminul ruleaza pe masina gateway — nicio suprafata HTTP de
admin (admin web vine in 3.3). Optional emite si prima cheie API intr-un pas
(`--with-key`), atomic cu crearea contului.

NOTA: `deactivate` comuta `accounts.active` (lifecycle), dar NU opreste inca
trimiterile — gate-ul worker pe `active` apartine 3.3. Vezi `app/accounts.py`.

Utilizare:
    python -m tools.account create  --name "Service X" [--cui RO123] [--inactive] [--with-key]
    python -m tools.account list    [--pending]
    python -m tools.account activate   --account 2
    python -m tools.account deactivate --account 2
"""

from __future__ import annotations

import argparse
import sqlite3
import sys

from app.accounts import create_account, list_accounts, set_active, set_tier
from app.auth import create_api_key
from app.db import get_connection, init_db
from app.users import set_admin


def _create(conn: sqlite3.Connection, args: argparse.Namespace) -> int:
    active = not args.inactive
    if not args.with_key:
        try:
            acct_id = create_account(conn, args.name, cui=args.cui, email=args.email, active=active)
        except ValueError as exc:
            print(f"eroare: {exc}", file=sys.stderr)
            return 2
        print(f"Cont creat: id={acct_id} (activ={'da' if active else 'nu'})")
        return 0

    # --with-key: cont + cheie in aceeasi tranzactie (DB ruleaza autocommit).
    conn.execute("BEGIN IMMEDIATE")
    try:
        acct_id = create_account(conn, args.name, cui=args.cui, email=args.email, active=active)
        key = create_api_key(conn, acct_id)
        conn.execute("COMMIT")
    except ValueError as exc:
        conn.execute("ROLLBACK")
        print(f"eroare: {exc}", file=sys.stderr)
        return 2
    except Exception:
        conn.execute("ROLLBACK")
        raise
    print(f"Cont creat: id={acct_id} (activ={'da' if active else 'nu'})")
    print("Cheie API (pastreaz-o, nu se mai afiseaza):")
    print(key)
    return 0


def _set_active(conn: sqlite3.Connection, account_id: int, active: bool) -> int:
    try:
        set_active(conn, account_id, active)
    except ValueError as exc:
        print(f"eroare: {exc}", file=sys.stderr)
        return 2
    print(f"Cont {account_id}: activ={'da' if active else 'nu'}")
    return 0


def _set_tier(conn: sqlite3.Connection, account_id: int, tier: str, trial_until: str | None) -> int:
    try:
        set_tier(conn, account_id, tier, trial_until=trial_until)
    except ValueError as exc:
        print(f"eroare: {exc}", file=sys.stderr)
        return 2
    trial_msg = f", trial_until={trial_until}" if trial_until else ", fara trial"
    print(f"Cont {account_id}: tier={tier}{trial_msg}")
    return 0


def _set_admin(conn: sqlite3.Connection, account_id: int, is_admin: bool) -> int:
    try:
        set_admin(conn, account_id, is_admin=is_admin)
    except ValueError as exc:
        print(f"eroare: {exc}", file=sys.stderr)
        return 2
    actiune = "admin" if is_admin else "non-admin"
    print(f"Cont {account_id}: marcat ca {actiune}")
    return 0


def _list(conn: sqlite3.Connection, pending_only: bool) -> int:
    rows = list_accounts(conn)
    if pending_only:
        rows = [r for r in rows if not r["active"]]
    if not rows:
        print("(niciun cont in asteptare)" if pending_only else "(niciun cont)")
        return 0
    print(f"{'id':>4}  {'activ':>5}  {'cui':<14}  {'creat':<20}  nume")
    for r in rows:
        print(
            f"{r['id']:>4}  {('da' if r['active'] else 'nu'):>5}  "
            f"{(r['cui'] or ''):<14}  {(r['created_at'] or ''):<20}  {r['name']}"
        )
    return 0


def main(argv: list[str] | None = None) -> int:
    parser = argparse.ArgumentParser(description="Lifecycle conturi gateway RAR AUTOPASS")
    sub = parser.add_subparsers(dest="cmd", required=True)

    p_create = sub.add_parser("create", help="creeaza un cont nou")
    p_create.add_argument("--name", required=True, help="nume cont (service)")
    p_create.add_argument("--cui", required=True, help="CUI firma (obligatoriu, unic)")
    p_create.add_argument("--email", required=True, help="email de contact al firmei (obligatoriu)")
    p_create.add_argument("--inactive", action="store_true", help="creeaza cont in asteptare (active=0)")
    p_create.add_argument("--with-key", action="store_true", help="emite si prima cheie API (atomic)")

    p_list = sub.add_parser("list", help="listeaza conturi")
    p_list.add_argument("--pending", action="store_true", help="doar conturi in asteptare (active=0)")

    p_act = sub.add_parser("activate", help="activeaza un cont")
    p_act.add_argument("--account", type=int, required=True, help="account_id")

    p_deact = sub.add_parser("deactivate", help="dezactiveaza un cont")
    p_deact.add_argument("--account", type=int, required=True, help="account_id")

    p_sadmin = sub.add_parser("set-admin", help="seteaza/sterge rol admin pe un cont")
    p_sadmin.add_argument("--account", type=int, required=True, help="account_id")
    p_sadmin.add_argument("--remove", action="store_true", help="sterge rolul admin (implicit: adauga)")

    p_stier = sub.add_parser(
        "set-tier",
        help="seteaza planul unui cont (free/standard/pro/premium)",
        description=(
            "Aloca manual un plan de cont. Tier invalid -> eroare clara. "
            "Contul de sistem id=1 e protejat."
        ),
    )
    p_stier.add_argument("--account", type=int, required=True, help="account_id")
    p_stier.add_argument(
        "--tier", required=True,
        help="planul de alocat: free | standard | pro | premium"
    )
    _trial_grp = p_stier.add_mutually_exclusive_group()
    _trial_grp.add_argument(
        "--trial-days", type=int, metavar="N",
        help="seteaza trial_until = acum + N zile"
    )
    _trial_grp.add_argument(
        "--no-trial", action="store_true",
        help="sterge trial-ul (trial_until=NULL)"
    )

    args = parser.parse_args(argv)

    init_db()  # asigura schema (accounts.active + index CUI) + cont default
    conn = get_connection()
    try:
        if args.cmd == "create":
            return _create(conn, args)
        if args.cmd == "list":
            return _list(conn, args.pending)
        if args.cmd == "activate":
            return _set_active(conn, args.account, True)
        if args.cmd == "deactivate":
            return _set_active(conn, args.account, False)
        if args.cmd == "set-admin":
            return _set_admin(conn, args.account, is_admin=not args.remove)
        if args.cmd == "set-tier":
            # Calculeaza trial_until din --trial-days sau None daca --no-trial
            from datetime import datetime, timedelta, timezone
            trial_until: str | None = None
            if getattr(args, "trial_days", None):
                trial_until = (
                    datetime.now(timezone.utc) + timedelta(days=args.trial_days)
                ).strftime("%Y-%m-%d %H:%M:%S")
            # daca nici --trial-days nici --no-trial -> trial_until=None (fara trial)
            return _set_tier(conn, args.account, args.tier, trial_until)
    finally:
        conn.close()
    return 0


if __name__ == "__main__":
    sys.exit(main())