import { Controller, Get, Patch, Body, UseGuards } from '@nestjs/common';
import { SettingsService } from './settings.service';
import { UpdateSettingsDto } from './dto/update-settings.dto';
import { JwtAuthGuard } from '../../auth/guards/jwt-auth.guard';
import { PermissionGuard } from '../../auth/guards/permission.guard';
import { Permissions } from '../../auth/decorators/permissions.decorator';
import { AccessLevel, ModuleName } from '../../entities/role-permission.entity';
import { successResponse } from '../../common/responses/api-response';

@Controller('settings')
export class SettingsController {
  constructor(private readonly settingsService: SettingsService) {}

  /**
   * GET /api/settings/branding — PUBLIC (no auth).
   * Returns only branding info for login page theming.
   * Tenant resolved from middleware (X-Tenant-Id header or subdomain).
   */
  @Get('branding')
  async getBranding() {
    const data = await this.settingsService.getBranding();
    return successResponse(data, 'Branding fetched successfully');
  }

  @Get()
  @UseGuards(JwtAuthGuard, PermissionGuard)
  @Permissions({ module: ModuleName.SETTINGS, accessLevel: AccessLevel.VIEW })
  async get() {
    const data = await this.settingsService.get();
    return successResponse(data, 'Settings fetched successfully');
  }

  @Patch()
  @UseGuards(JwtAuthGuard, PermissionGuard)
  @Permissions({ module: ModuleName.SETTINGS, accessLevel: AccessLevel.EDIT })
  async update(@Body() dto: UpdateSettingsDto) {
    const result = await this.settingsService.update(dto);
    return successResponse(result, result.message);
  }
}