import { createClient } from '@supabase/supabase-js';

const FB_SOURCE = 'files';

function normalizePath(path) {
  const raw = String(path || '/').trim();
  const parts = raw.split('/').filter(Boolean);
  const clean = [];
  for (const part of parts) {
    if (part === '.') continue;
    if (part === '..') throw new Error('Invalid path');
    clean.push(part);
  }
  return `/${clean.join('/')}`;
}

function joinPath(...parts) {
  return normalizePath(parts.join('/'));
}

function safeName(value) {
  return String(value || '')
    .trim()
    .replace(/[\\/:*?"<>|#%{}^~[\]`]+/g, '-')
    .replace(/\s+/g, ' ')
    .replace(/^-+|-+$/g, '');
}

function getConfig() {
  const url = String(process.env.FILEBROWSER_URL || '').trim().replace(/\/+$/, '');
  return {
    url,
    token: process.env.FILEBROWSER_TOKEN || '',
    clientRoot: normalizePath(process.env.FILEBROWSER_CLIENT_ROOT || '/fourgebranding/Clients'),
    configured: Boolean(url),
  };
}

async function fbFetch(config, method, endpoint, { params = {}, headers = {}, body } = {}) {
  const qs = new URLSearchParams({ source: FB_SOURCE, ...params }).toString();
  const res = await fetch(`${config.url}${endpoint}?${qs}`, {
    method,
    headers: { Authorization: `Bearer ${config.token}`, ...headers },
    body,
  });
  if (!res.ok) {
    const text = await res.text();
    throw new Error(text || `FileBrowser ${res.status}`);
  }
  return res;
}

async function mkdir(config, path) {
  await fbFetch(config, 'POST', '/api/resources', {
    params: { path, isDir: 'true' },
  }).catch(() => {});
}

function json(res, status, body) {
  return res.status(status).json(body);
}

export default async function handler(req, res) {
  if (req.method !== 'POST') return json(res, 405, { error: 'Method not allowed' });

  const secret = process.env.SUPABASE_WEBHOOK_SECRET;
  if (secret) {
    const incoming = req.headers['x-webhook-secret'] || '';
    if (incoming.trim() !== secret.trim()) return json(res, 401, { error: 'Unauthorized' });
  }

  const supabaseUrl = process.env.VITE_SUPABASE_URL || process.env.SUPABASE_URL;
  const serviceRoleKey = process.env.SUPABASE_SERVICE_ROLE_KEY;
  if (!supabaseUrl || !serviceRoleKey) return json(res, 500, { error: 'Supabase env not configured' });

  const admin = createClient(supabaseUrl, serviceRoleKey, {
    auth: { persistSession: false, autoRefreshToken: false },
  });

  const config = getConfig();
  if (!config.configured || !config.token) return json(res, 200, { ok: true, skipped: 'FileBrowser not configured' });

  // Fetch all submission files with task/project/company context
  const { data: rows, error } = await admin
    .from('submission_files')
    .select(`
      id, name, storage_path, size,
      submission:submissions!inner(
        id, version_number,
        task:tasks!inner(
          id, title,
          project:projects!inner(
            id, name,
            company:companies!inner(name)
          )
        )
      )
    `);

  if (error) return json(res, 500, { error: error.message });

  // Group by task + version_number, skip groups with no files
  const groups = new Map();
  for (const row of rows || []) {
    const sub = row.submission;
    const task = sub?.task;
    const project = task?.project;
    const company = project?.company;
    if (!task || !project || !company) continue;

    const key = `${task.id}::${sub.version_number}`;
    if (!groups.has(key)) {
      groups.set(key, {
        companyName: company.name,
        projectName: project.name,
        taskTitle: task.title,
        versionNumber: sub.version_number,
        files: [],
      });
    }
    groups.get(key).files.push({ name: row.name, storage_path: row.storage_path });
  }

  const results = { processed: 0, skipped: 0, errors: [] };

  for (const group of groups.values()) {
    if (group.files.length === 0) { results.skipped++; continue; }

    const revFolder = `R${String(group.versionNumber).padStart(2, '0')}`;
    const companyDir = joinPath(config.clientRoot, safeName(group.companyName));
    const projectDir = joinPath(companyDir, 'Projects', safeName(group.projectName));
    const taskDir = joinPath(projectDir, safeName(group.taskTitle));
    const requestInfoDir = joinPath(taskDir, 'Request Info');
    const revDir = joinPath(requestInfoDir, revFolder);

    // Ensure all parent dirs exist
    await mkdir(config, companyDir);
    await mkdir(config, joinPath(companyDir, 'Projects'));
    await mkdir(config, projectDir);
    await mkdir(config, taskDir);
    await mkdir(config, requestInfoDir);
    await mkdir(config, revDir);

    for (const file of group.files) {
      try {
        // Get signed URL from Supabase Storage
        const { data: signed, error: signedError } = await admin.storage
          .from('submissions')
          .createSignedUrl(file.storage_path, 60);
        if (signedError || !signed?.signedUrl) {
          results.errors.push(`signed url failed: ${file.storage_path}`);
          continue;
        }

        // Download file from Supabase Storage
        const fileRes = await fetch(signed.signedUrl);
        if (!fileRes.ok) {
          results.errors.push(`download failed: ${file.name}`);
          continue;
        }
        const fileBuffer = await fileRes.arrayBuffer();

        // Upload to FileBrowser
        const fbFilePath = joinPath(revDir, file.name);
        await fbFetch(config, 'POST', '/api/resources', {
          params: { path: fbFilePath, override: 'true' },
          headers: { 'Content-Type': 'application/octet-stream' },
          body: fileBuffer,
        });

        results.processed++;
      } catch (err) {
        results.errors.push(`${file.name}: ${err.message}`);
      }
    }
  }

  return json(res, 200, { ok: true, ...results });
}