<?php

namespace app\admin\controller\order;

use app\common\controller\Backend;
use support\think\Db;
use support\Response;
use Webman\Http\Request as WebmanRequest;

/**
 * 充值订单
 *
 * 订单的"由 0 转 1（成功入账）"统一走 app\common\library\finance\DepositSettlement。
 * 当前充值接口为 mock 支付网关，点击即成功；后台不再保留人工审核按钮，
 * 如需人工补单，请通过后续专门的"补单/冲正"工具完成，而不是在这个 CRUD 里直接改 status。
 *
 * 编辑入口现在只用于"查看详情"：GET 返回订单 + 关联的 user/channel 信息，
 * 阻止 POST 任何改字段的动作（保证金额、状态只能由结算服务变更）。
 */
class DepositOrder extends Backend
{
    protected ?object $model = null;

    protected bool $modelValidate = true;

    protected bool $modelSceneValidate = true;

    protected string|array $quickSearchField = ['id', 'order_no', 'pay_channel', 'remark', 'deposit_tier_id', 'idempotency_key'];

    protected string|array $defaultSortField = ['id' => 'desc'];

    protected string|array $orderGuarantee = ['id' => 'desc'];

    protected array $withJoinTable = ['user', 'channel'];

    protected function initController(WebmanRequest $request): ?Response
    {
        $this->model = new \app\common\model\DepositOrder();
        return null;
    }

    protected function _index(): Response
    {
        if ($this->request && $this->request->get('select')) {
            return $this->select($this->request);
        }

        list($where, $alias, $limit, $order) = $this->queryBuilder();
        $table = strtolower($this->model->getTable());
        $mainShort = $alias[$table] ?? '';
        if ($mainShort !== '' && $this->auth && !$this->auth->isSuperAdmin()) {
            $channelIds = $this->getScopedChannelIdsForFilter();
            $where[] = [$mainShort . '.channel_id', 'in', $channelIds !== [] ? $channelIds : [0]];
        }

        $res = $this->model
            ->withJoin($this->withJoinTable, $this->withJoinType)
            ->with($this->withJoinTable)
            ->visible([
                'user' => ['username', 'phone'],
                'channel' => ['name'],
            ])
            ->alias($alias)
            ->where($where)
            ->order($order)
            ->paginate($limit);

        return $this->success('', [
            'list'   => $res->items(),
            'total'  => $res->total(),
            'remark' => get_route_remark(),
        ]);
    }

    /**
     * GET 时返回关联信息，便于前端详情弹窗直接渲染 user.username / channel.name；
     * POST 一律拒绝，保证充值订单的金额/状态只能由结算服务变更。
     */
    protected function _edit(): Response
    {
        $pk = $this->model->getPk();
        $id = $this->request ? ($this->request->post($pk) ?? $this->request->get($pk)) : null;
        if ($id === null || $id === '') {
            return $this->error(__('Parameter error'));
        }

        if ($this->request && $this->request->method() === 'POST') {
            return $this->error('充值订单为自动入账，禁止直接修改，如需补单请走专用工具');
        }

        $row = $this->loadWithRelations(intval(strval($id)));
        if (!$row) {
            return $this->error(__('Record not found'));
        }
        if (!$this->checkChannelScoped($row)) {
            return $this->error(__('You have no permission'));
        }

        return $this->success('', ['row' => $row]);
    }

    private function loadWithRelations(int $id): ?array
    {
        $row = $this->model
            ->withJoin($this->withJoinTable, $this->withJoinType)
            ->with($this->withJoinTable)
            ->visible([
                'user'    => ['username', 'phone'],
                'channel' => ['name'],
            ])
            ->where($this->model->getTable() . '.id', $id)
            ->find();
        if (!$row) {
            return null;
        }
        return $row->toArray();
    }

    private function checkChannelScoped(array $row): bool
    {
        if (!$this->auth || $this->auth->isSuperAdmin()) {
            return true;
        }
        $channelIds = $this->getScopedChannelIdsForFilter();
        if ($channelIds === []) {
            return false;
        }
        $raw = $row['channel_id'] ?? null;
        if ($raw === null || $raw === '') {
            return false;
        }
        if (!is_numeric(strval($raw))) {
            return false;
        }
        return in_array(intval(strval($raw)), $channelIds, true);
    }

    /**
     * @return int[]
     */
    private function getScopedChannelIdsForFilter(): array
    {
        if (!$this->auth) {
            return [0];
        }
        if ($this->auth->isSuperAdmin()) {
            return [];
        }
        $admin = Db::name('admin')->field(['id', 'channel_id'])->where('id', $this->auth->id)->find();
        $ids = [];
        if ($admin && !empty($admin['channel_id'])) {
            $ids[] = $admin['channel_id'];
        }
        return array_values(array_unique($ids));
    }
}