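import { execute, queryOne } from '../../../utils/db'
import { getCurrentUserId } from '../../../utils/user'
import crypto from 'crypto'

/** Fields a client may change on a VCS account; every field is optional. */
interface UpdateBody {
  vcsUsername?: string
  vcsEmail?: string
  authType?: string
  credential?: string
  isActive?: boolean
}

/**
 * Encrypts a credential with AES-256-CBC under a fresh random 16-byte IV.
 *
 * @param text - Plaintext credential to protect before it is stored.
 * @returns `<iv hex>:<ciphertext hex>`.
 *
 * NOTE(review): three weaknesses are kept here only because the matching
 * decrypt routine is not in this file and must change in the same commit:
 *  - the fallback key is a literal in the source tree, so when ENCRYPTION_KEY
 *    is unset every stored credential is protected by a publicly known key;
 *    the service should refuse to start without a configured key;
 *  - the key is padded with '0' / truncated to 32 characters instead of being
 *    a 32-byte random key or the output of a KDF (a key containing multi-byte
 *    characters also exceeds 32 bytes and makes createCipheriv throw);
 *  - CBC has no integrity protection, so a modified ciphertext is not
 *    detected; an authenticated mode such as aes-256-gcm would detect it.
 */
function encryptCredential(text: string): string {
  const configuredKey = process.env.ENCRYPTION_KEY
  if (!configuredKey) {
    // Make the unsafe fallback visible to operators instead of using it silently.
    console.warn('[vcs-account] ENCRYPTION_KEY is not set; using the built-in default key')
  }
  const keyText = configuredKey || 'weeklyreport-default-key-32byte!'
  const keyBytes = Buffer.from(keyText.padEnd(32, '0').slice(0, 32))

  const iv = crypto.randomBytes(16)
  const cipher = crypto.createCipheriv('aes-256-cbc', keyBytes, iv)
  const ciphertext = cipher.update(text, 'utf8', 'hex') + cipher.final('hex')
  return iv.toString('hex') + ':' + ciphertext
}

/** True for the value kinds accepted for a text column: a string or null. */
function isTextOrNull(value: unknown): value is string | null {
  return value === null || typeof value === 'string'
}

/**
 * Update a VCS account.
 * PUT /api/vcs-account/[id]/update
 *
 * Only the fields present in the request body are written. The account must
 * belong to the current user; otherwise the handler answers 404.
 *
 * @returns `{ success: true }`, with a message when nothing was changed.
 * @throws 400 for a malformed id, body or field type, 401 when no user id is
 *   available, 404 when the account is missing or owned by someone else.
 */
export default defineEventHandler(async (event) => {
  const accountId = Number(getRouterParam(event, 'id'))
  const rawBody: unknown = await readBody(event)
  const userId = await getCurrentUserId(event)

  // getCurrentUserId is defined elsewhere; if it already rejects
  // unauthenticated requests this guard is redundant but harmless.
  if (userId === undefined || userId === null) {
    throw createError({ statusCode: 401, message: '인증이 필요합니다.' })
  }

  // Number() yields NaN for a missing or non-numeric route parameter.
  if (!Number.isSafeInteger(accountId)) {
    throw createError({ statusCode: 400, message: '잘못된 계정 ID입니다.' })
  }

  // A missing or non-object body would otherwise fail on the first property read.
  if (typeof rawBody !== 'object' || rawBody === null || Array.isArray(rawBody)) {
    throw createError({ statusCode: 400, message: '요청 본문이 올바르지 않습니다.' })
  }
  const body = rawBody as { [K in keyof UpdateBody]?: unknown }

  // Existence/ownership check; only the id is fetched so the stored
  // credential is not pulled into memory without need.
  const existing = await queryOne(
    'SELECT account_id FROM wr_employee_vcs_account WHERE account_id = $1 AND employee_id = $2',
    [accountId, userId]
  )
  if (!existing) {
    throw createError({ statusCode: 404, message: 'VCS 계정을 찾을 수 없습니다.' })
  }

  const updates: string[] = []
  const values: unknown[] = []
  // Column names are literals chosen below, never request data; the
  // placeholder number is always the position of the value just pushed.
  const addUpdate = (column: string, value: unknown): void => {
    values.push(value)
    updates.push(`${column} = $${values.length}`)
  }
  const badField = (field: string) =>
    createError({ statusCode: 400, message: `${field} 값의 형식이 올바르지 않습니다.` })

  if (body.vcsUsername !== undefined) {
    if (!isTextOrNull(body.vcsUsername)) throw badField('vcsUsername')
    addUpdate('vcs_username', body.vcsUsername)
  }
  if (body.vcsEmail !== undefined) {
    if (!isTextOrNull(body.vcsEmail)) throw badField('vcsEmail')
    addUpdate('vcs_email', body.vcsEmail)
  }
  if (body.authType !== undefined) {
    // NOTE(review): the set of valid auth types is not visible here; an
    // allow-list check belongs at this point once it is known.
    if (!isTextOrNull(body.authType)) throw badField('authType')
    addUpdate('auth_type', body.authType)
  }

  // An absent, null or empty credential leaves the stored one untouched.
  const credential = body.credential
  if (credential !== undefined && credential !== null && credential !== '') {
    if (typeof credential !== 'string') throw badField('credential')
    addUpdate('encrypted_credential', encryptCredential(credential))
  }

  if (body.isActive !== undefined) {
    if (typeof body.isActive !== 'boolean') throw badField('isActive')
    addUpdate('is_active', body.isActive)
  }

  if (updates.length === 0) {
    return { success: true, message: '변경된 내용이 없습니다.' }
  }

  updates.push('updated_at = NOW()')

  // The UPDATE repeats the ownership condition so the write itself is scoped
  // to the current user and does not rely only on the earlier SELECT.
  values.push(accountId, userId)
  await execute(`
    UPDATE wr_employee_vcs_account
    SET ${updates.join(', ')}
    WHERE account_id = $${values.length - 1} AND employee_id = $${values.length}
  `, values)

  return { success: true }
})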