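const express = require('express');

const router = express.Router();
const Store = require('../models/Store');
const { authMiddleware, requireRole } = require('../middleware/auth');
const { validate, schemas } = require('../middleware/validate');

// Store CRUD routes. Reads require a logged-in user; writes require the `admin` role.
// Accounts with the `store` role are restricted to the store whose `storeId`
// matches `req.user.storeId`.

// Matches the 24-hex-character form of a MongoDB ObjectId.
const OBJECT_ID_PATTERN = /^[0-9a-fA-F]{24}$/;

/**
 * GET / - list stores (any authenticated user).
 * `store`-role accounts only receive their own linked store.
 */
router.get('/', authMiddleware, async (req, res) => {
  try {
    if (req.user.role === 'store') {
      // Fail closed: a store account without a linked storeId must not fall
      // through to the unscoped query below and receive every store.
      if (!req.user.storeId) {
        return res.json({ success: true, data: [] });
      }
      const ownStores = await Store.find({ storeId: req.user.storeId });
      return res.json({ success: true, data: ownStores });
    }

    const stores = await Store.find();
    return res.json({ success: true, data: stores });
  } catch (error) {
    // Log server-side so failures are visible to operators; the client only
    // gets the generic message.
    console.error('GET /stores failed:', error);
    return res.status(500).json({ success: false, message: "服务器内部错误" });
  }
});

/**
 * GET /:id - fetch one store (any authenticated user).
 * `:id` is treated as a MongoDB ObjectId when it has that format, otherwise
 * it is looked up through the `storeId` field.
 */
router.get('/:id', authMiddleware, async (req, res) => {
  try {
    const { id } = req.params;
    const store = OBJECT_ID_PATTERN.test(id)
      ? await Store.findById(id)
      : await Store.findOne({ storeId: id });

    if (!store) {
      return res.status(404).json({ success: false, message: '门店不存在' });
    }

    // A store account may only read its own linked store. An account with no
    // linked storeId is denied instead of being treated as unrestricted.
    const isStoreAccount = req.user.role === 'store';
    if (isStoreAccount && (!req.user.storeId || store.storeId !== req.user.storeId)) {
      return res.status(403).json({ success: false, message: '无权操作该门店数据' });
    }

    return res.json({ success: true, data: store });
  } catch (error) {
    console.error('GET /stores/:id failed:', error);
    return res.status(500).json({ success: false, message: "服务器内部错误" });
  }
});

/**
 * POST / - create a store (admin only). The body is checked against
 * `schemas.store` before the document is built.
 */
router.post('/', authMiddleware, requireRole('admin'), validate(schemas.store), async (req, res) => {
  try {
    const store = new Store(req.body);
    await store.save();
    return res.json({ success: true, data: store });
  } catch (error) {
    console.error('POST /stores failed:', error);
    return res.status(400).json({ success: false, message: "服务器内部错误" });
  }
});

/**
 * PUT /:id - update a store (admin only).
 */
router.put('/:id', authMiddleware, requireRole('admin'), async (req, res) => {
  try {
    // NOTE(review): unlike POST, this route does not run validate(schemas.store),
    // so req.body reaches the update unchecked and any `$`-prefixed keys in it
    // are handed to Mongoose as update operators. Confirm whether schemas.store
    // (or a partial-update schema) should be applied here as well.
    // runValidators makes Mongoose apply the model's schema validators to the
    // updated paths, which update queries skip by default.
    const store = await Store.findByIdAndUpdate(req.params.id, req.body, {
      new: true,
      runValidators: true,
    });
    if (!store) {
      return res.status(404).json({ success: false, message: '门店不存在' });
    }
    return res.json({ success: true, data: store });
  } catch (error) {
    console.error('PUT /stores/:id failed:', error);
    return res.status(400).json({ success: false, message: "服务器内部错误" });
  }
});

/**
 * DELETE /:id - delete a store (admin only).
 */
router.delete('/:id', authMiddleware, requireRole('admin'), async (req, res) => {
  try {
    const removed = await Store.findByIdAndDelete(req.params.id);
    // Report a missing store the same way PUT does instead of claiming success
    // when nothing was deleted.
    if (!removed) {
      return res.status(404).json({ success: false, message: '门店不存在' });
    }
    return res.json({ success: true });
  } catch (error) {
    console.error('DELETE /stores/:id failed:', error);
    return res.status(400).json({ success: false, message: "服务器内部错误" });
  }
});

module.exports = router;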