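package queries

import (
	"context"
	"fmt"
	"log"
	"strings"

	"bssapp-backend/db"
	"bssapp-backend/internal/authz"
	"bssapp-backend/models"
)

// GetAccounts returns the distinct account codes (the first 8 characters of
// trCurrAccBook.CurrAccCode) visible to the caller, restricted to the piyasa
// codes that the authz layer placed in ctx. Each row carries the account code,
// its description (empty string when there is none) and a DisplayCode formatted
// for the UI. A caller with no piyasa permission receives an empty, non-nil
// slice and no error.
//
// The piyasa codes are bound as query parameters rather than spliced into the
// SQL text, so a code containing a quote cannot change the statement.
func GetAccounts(ctx context.Context) ([]models.Account, error) {
	piyasaCodes := authz.GetPiyasaCodesFromCtx(ctx)

	// No permission at all → return no data (deny by default).
	if len(piyasaCodes) == 0 {
		log.Println("⚠️ No piyasa permission → empty account list")
		return []models.Account{}, nil
	}

	piyasaFilter, args := buildPiyasaFilter(piyasaCodes)

	// Only the placeholder predicate is interpolated here; the values travel
	// separately in args.
	query := fmt.Sprintf(`
        SELECT
            x.AccountCode,
            MAX(x.AccountName) AS AccountName
        FROM (
            SELECT
                LEFT(b.CurrAccCode, 8) AS AccountCode,
                COALESCE(d.CurrAccDescription, '') AS AccountName
            FROM trCurrAccBook b
            LEFT JOIN cdCurrAccDesc d
                ON d.CurrAccCode = b.CurrAccCode
            JOIN CustomerAttributesFilter f2
                ON f2.CurrAccCode = b.CurrAccCode
            WHERE %s
        ) x
        GROUP BY x.AccountCode
        ORDER BY x.AccountCode
    `, piyasaFilter)

	log.Println("🔎 ACCOUNT FILTER =", piyasaFilter, piyasaCodes)

	// QueryContext lets a cancelled request or deadline abort the query
	// instead of letting it run to completion on the server.
	rows, err := db.MssqlDB.QueryContext(ctx, query, args...)
	if err != nil {
		return nil, fmt.Errorf("MSSQL query error: %w", err)
	}
	defer rows.Close()

	// Non-nil so that an empty result encodes as [] like the no-permission
	// path above, instead of null.
	accounts := make([]models.Account, 0)
	for rows.Next() {
		var acc models.Account
		if err := rows.Scan(&acc.AccountCode, &acc.AccountName); err != nil {
			return nil, fmt.Errorf("scanning account row: %w", err)
		}
		acc.DisplayCode = displayCode(acc.AccountCode)
		accounts = append(accounts, acc)
	}
	return accounts, rows.Err()
}

// buildPiyasaFilter returns an "f2.CustomerAtt01 IN (@p1,@p2,...)" predicate
// together with the argument list that fills the placeholders, in order.
// Ordinal @pN placeholders are the parameter form accepted by go-mssqldb
// (both the "sqlserver" and the legacy "mssql" driver names); confirm against
// the driver registered for db.MssqlDB if a different one is in use.
func buildPiyasaFilter(codes []string) (string, []interface{}) {
	placeholders := make([]string, 0, len(codes))
	args := make([]interface{}, 0, len(codes))
	for i, code := range codes {
		placeholders = append(placeholders, fmt.Sprintf("@p%d", i+1))
		args = append(args, code)
	}
	return "f2.CustomerAtt01 IN (" + strings.Join(placeholders, ",") + ")", args
}

// displayCode formats an account code for display by inserting a space after
// the third byte ("ABC DEFGH") when the code is at least four bytes long;
// shorter codes are returned unchanged. Trailing whitespace from padded
// database values is trimmed.
func displayCode(code string) string {
	if len(code) < 4 {
		return code
	}
	return strings.TrimSpace(code[:3] + " " + code[3:])
}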