import { Router } from 'express';
import multer from 'multer';
import * as appSettingController from '../controllers/appSetting.controller.js';
import * as backupController from '../controllers/backup.controller.js';
import { authenticate, requirePermission } from '../middleware/auth.js';

// Multer für Backup-Upload (in Memory speichern)
const backupUpload = multer({
  storage: multer.memoryStorage(),
  limits: { fileSize: 500 * 1024 * 1024 }, // 500MB max
  fileFilter: (req, file, cb) => {
    if (file.mimetype === 'application/zip' || file.originalname.endsWith('.zip')) {
      cb(null, true);
    } else {
      cb(new Error('Nur ZIP-Dateien sind erlaubt'));
    }
  },
});

const router = Router();

// Öffentliche Einstellungen (für alle authentifizierten Benutzer, inkl. Kunden)
router.get('/public', authenticate, appSettingController.getPublicSettings);

// Alle Einstellungen (nur Admin)
router.get('/', authenticate, requirePermission('settings:read'), appSettingController.getAllSettings);

// Einzelne Einstellung aktualisieren (nur Admin)
router.put(
  '/:key',
  authenticate,
  requirePermission('settings:update'),
  appSettingController.updateSetting
);

// Mehrere Einstellungen aktualisieren (nur Admin)
router.put(
  '/',
  authenticate,
  requirePermission('settings:update'),
  appSettingController.updateSettings
);

// ==================== BACKUP & RESTORE ====================

// Liste aller Backups
router.get(
  '/backups',
  authenticate,
  requirePermission('settings:update'),
  backupController.listBackups
);

// Neues Backup erstellen
router.post(
  '/backup',
  authenticate,
  requirePermission('settings:update'),
  backupController.createBackup
);

// Backup wiederherstellen
router.post(
  '/backup/:name/restore',
  authenticate,
  requirePermission('settings:update'),
  backupController.restoreBackup
);

// Backup löschen
router.delete(
  '/backup/:name',
  authenticate,
  requirePermission('settings:update'),
  backupController.deleteBackup
);

// Backup als ZIP herunterladen
router.get(
  '/backup/:name/download',
  authenticate,
  requirePermission('settings:update'),
  backupController.downloadBackup
);

// Backup-ZIP hochladen
router.post(
  '/backup/upload',
  authenticate,
  requirePermission('settings:update'),
  backupUpload.single('backup'),
  backupController.uploadBackup
);

// Werkseinstellungen (alles löschen)
router.post(
  '/factory-reset',
  authenticate,
  requirePermission('settings:update'),
  backupController.factoryReset
);

export default router;