import { Router } from 'express';
import { restaurantController } from '../controllers/restaurant.controller';
import { authenticate, hasRole, hasPermission, hasRestaurantAccess } from '../middlewares/auth.middleware';
import { validate } from '../middlewares/validation.middleware';
import { restaurantValidators } from '../validators/restaurant.validator';
import authConfig from '../../config/auth';
import { syncLimiter } from '../middlewares/rate-limiter.middleware';

// Create router
const router = Router();

// Restaurant Group routes
router.get(
  '/groups',
  authenticate,
  hasPermission([authConfig.permissions.readRestaurant]),
  restaurantController.getAllGroups.bind(restaurantController)
);

router.get(
  '/groups/:id',
  authenticate,
  hasPermission([authConfig.permissions.readRestaurant]),
  hasRestaurantAccess('id'),
  restaurantController.getGroupById.bind(restaurantController)
);

router.post(
  '/groups',
  authenticate,
  hasPermission([authConfig.permissions.createRestaurant]),
  validate(restaurantValidators.createGroup),
  restaurantController.createGroup.bind(restaurantController)
);

router.put(
  '/groups/:id',
  authenticate,
  hasPermission([authConfig.permissions.updateRestaurant]),
  hasRestaurantAccess('id'),
  validate(restaurantValidators.updateGroup),
  restaurantController.updateGroup.bind(restaurantController)
);

router.delete(
  '/groups/:id',
  authenticate,
  hasPermission([authConfig.permissions.deleteRestaurant]),
  hasRestaurantAccess('id'),
  restaurantController.deleteGroup.bind(restaurantController)
);

router.get(
  '/groups/:id/hierarchy',
  authenticate,
  hasPermission([authConfig.permissions.readRestaurant]),
  hasRestaurantAccess('id'),
  restaurantController.getGroupHierarchy.bind(restaurantController)
);

// Restaurant Brand routes
router.get(
  '/groups/:groupId/brands',
  authenticate,
  hasPermission([authConfig.permissions.readRestaurant]),
  hasRestaurantAccess('groupId'),
  restaurantController.getBrandsByGroupId.bind(restaurantController)
);

router.post(
  '/groups/:groupId/brands',
  authenticate,
  hasPermission([authConfig.permissions.createRestaurant]),
  hasRestaurantAccess('groupId'),
  validate(restaurantValidators.createBrand),
  restaurantController.createBrand.bind(restaurantController)
);

router.put(
  '/brands/:id',
  authenticate,
  hasPermission([authConfig.permissions.updateRestaurant]),
  hasRestaurantAccess('id'),
  validate(restaurantValidators.updateBrand),
  restaurantController.updateBrand.bind(restaurantController)
);

router.delete(
  '/brands/:id',
  authenticate,
  hasPermission([authConfig.permissions.deleteRestaurant]),
  hasRestaurantAccess('id'),
  restaurantController.deleteBrand.bind(restaurantController)
);

// Restaurant Outlet routes
router.get(
  '/brands/:brandId/outlets',
  authenticate,
  hasPermission([authConfig.permissions.readRestaurant]),
  hasRestaurantAccess('brandId'),
  restaurantController.getOutletsByBrandId.bind(restaurantController)
);

router.post(
  '/brands/:brandId/outlets',
  authenticate,
  hasPermission([authConfig.permissions.createRestaurant]),
  hasRestaurantAccess('brandId'),
  validate(restaurantValidators.createOutlet),
  restaurantController.createOutlet.bind(restaurantController)
);

router.put(
  '/outlets/:id',
  authenticate,
  hasPermission([authConfig.permissions.updateRestaurant]),
  hasRestaurantAccess('id'),
  validate(restaurantValidators.updateOutlet),
  restaurantController.updateOutlet.bind(restaurantController)
);

router.delete(
  '/outlets/:id',
  authenticate,
  hasPermission([authConfig.permissions.deleteRestaurant]),
  hasRestaurantAccess('id'),
  restaurantController.deleteOutlet.bind(restaurantController)
);

// Special routes for POS integration
router.get(
  '/outlets/pos/:posId',
  authenticate,
  hasPermission([authConfig.permissions.readRestaurant]),
  syncLimiter,
  restaurantController.getOutletByPosId.bind(restaurantController)
);

export default router;