<?php
/**
 * Transaction Controller
 * Handles transaction viewing, searching, and voiding
 *
 * @package RashwansBarber
 * @version 1.0
 */

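class TransactionController extends Controller {

    /** @var mixed Transaction model obtained from $this->model('Transaction') */
    private $transactionModel;

    public function __construct() {
        parent::__construct();
        $this->transactionModel = $this->model('Transaction');
    }

    /**
     * List transactions for a date range, with an optional search term.
     *
     * Admins are scoped to all locations (null); every other role is scoped
     * to its own location. Cashiers are additionally limited to the last
     * seven days of history.
     */
    public function index() {
        $this->requireLogin();

        $user = $this->getCurrentUser();
        $locationId = $this->locationScopeFor($user);
        $userRole = $user['role_name'];
        $today = date('Y-m-d');

        // Filters come from the query string and are attacker-controlled.
        // Dates are validated as strict YYYY-MM-DD before use, because the
        // cashier window below relies on lexical string comparison, which is
        // only meaningful for that exact format.
        $dateFrom = $this->normalizeFilterDate($_GET['date_from'] ?? $today, $today);
        $dateTo = $this->normalizeFilterDate($_GET['date_to'] ?? $today, $today);
        $search = $this->textInput($_GET['search'] ?? '');

        // CASHIER 7-DAY RESTRICTION
        $sevenDayLimit = null;
        if ($userRole === 'cashier') {
            $sevenDayLimit = $this->cashierWindowStart();

            // If cashier tries to view older than 7 days, reset to 7 days
            if ($dateFrom < $sevenDayLimit) {
                $dateFrom = $sevenDayLimit;
            }
            if ($dateTo < $sevenDayLimit) {
                $dateTo = $today;
            }
        }

        // NOTE(review): $search is passed to the model as-is; confirm the
        // model binds it as a query parameter rather than interpolating it.
        $transactions = $this->transactionModel->getAllTransactions($locationId, $dateFrom, $dateTo, $search);

        // Summary is always for today; admins (null scope) fall back to location 1.
        $summary = $this->transactionModel->getDailySummary(
            $locationId ?? 1,
            $today
        );

        // NOTE(review): 'search', 'dateFrom' and 'dateTo' originate from the
        // request; the view is expected to HTML-escape them on output.
        $data = [
            'title' => 'Transactions - ' . config('app_name'),
            'user' => $user,
            'transactions' => $transactions,
            'summary' => $summary,
            'dateFrom' => $dateFrom,
            'dateTo' => $dateTo,
            'search' => $search,
            'sevenDayLimit' => $sevenDayLimit
        ];

        $this->view('transactions/index', $data);
    }

    /**
     * View single transaction details
     * Method name: detail (not view - to avoid conflict with parent)
     *
     * Non-admin users may only open transactions belonging to their own
     * location.
     *
     * @param int $transactionId Transaction ID
     */
    public function detail($transactionId = null) {
        $this->requireLogin();

        $transactionId = $this->parseTransactionId($transactionId);
        if ($transactionId === null) {
            $this->setFlash('Transaction ID required', 'error');
            $this->redirect('transaction');
            return;
        }

        $transaction = $this->transactionModel->getTransactionById($transactionId);

        if (!$transaction) {
            $this->setFlash('Transaction not found', 'error');
            $this->redirect('transaction');
            return;
        }

        // Check permission
        // NOTE(review): the cashier 7-day limit applied to listings is not
        // enforced here; the transaction's date field is not visible from
        // this controller, so confirm whether direct access to older
        // records by ID should also be refused.
        $user = $this->getCurrentUser();
        if (!$this->userCanAccessTransaction($user, $transaction)) {
            $this->setFlash('Access denied', 'error');
            $this->redirect('transaction');
            return;
        }

        $items = $this->transactionModel->getTransactionItems($transactionId);

        $data = [
            'title' => 'Transaction Details - ' . $transaction['receipt_number'],
            'user' => $user,
            'transaction' => $transaction,
            'items' => $items
        ];

        $this->view('transactions/view', $data);
    }

    /**
     * Void a transaction (admin only)
     *
     * Requires a POST request, a valid CSRF token and a non-empty reason.
     * A successful void is written to the audit log.
     *
     * @param int $transactionId Transaction ID
     */
    public function void($transactionId = null) {
        $this->requireRole('admin');

        if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
            $this->redirect('transaction');
            return;
        }

        // Validated as a positive integer before it is used in the model
        // call, the audit record and the redirect path below.
        $transactionId = $this->parseTransactionId($transactionId);
        if ($transactionId === null) {
            $this->setFlash('Transaction ID required', 'error');
            $this->redirect('transaction');
            return;
        }

        // Validate CSRF
        if (!$this->validateCSRF($this->textInput($_POST['csrf_token'] ?? ''))) {
            $this->setFlash('Invalid security token', 'error');
            $this->redirect('transaction');
            return;
        }

        $reason = $this->sanitize($this->textInput($_POST['reason'] ?? ''));

        if (empty($reason)) {
            $this->setFlash('Please provide a reason for voiding', 'error');
            $this->redirect('transaction/detail/' . $transactionId);
            return;
        }

        // The acting user is taken from the session, never from the request.
        $userId = $_SESSION['user_id'];

        if ($this->transactionModel->voidTransaction($transactionId, $reason, $userId)) {
            $this->logAudit('void_transaction', 'transactions', $transactionId, null, ['reason' => $reason]);
            $this->setFlash('Transaction voided successfully', 'success');
        } else {
            $this->setFlash('Failed to void transaction', 'error');
        }

        $this->redirect('transaction');
    }

    /**
     * Search transactions (AJAX)
     *
     * Responds with JSON. The same scoping as the list page applies:
     * non-admins see only their location, and cashiers only the last
     * seven days.
     */
    public function search() {
        header('Content-Type: application/json');

        $this->requireLogin();

        $user = $this->getCurrentUser();
        $locationId = $this->locationScopeFor($user);

        $search = $this->textInput($_GET['q'] ?? '');

        // Without a date range this endpoint would return a cashier's full
        // history and sidestep the 7-day limit enforced by index().
        $dateFrom = null;
        $dateTo = null;
        if ($user['role_name'] === 'cashier') {
            $dateFrom = $this->cashierWindowStart();
            $dateTo = date('Y-m-d');
        }

        $transactions = $this->transactionModel->getAllTransactions($locationId, $dateFrom, $dateTo, $search);

        $this->json([
            'success' => true,
            'transactions' => $transactions
        ]);
    }

    /**
     * Print receipt
     *
     * Applies the same location check as detail(), so a receipt cannot be
     * fetched for another location by supplying its ID.
     *
     * @param int $transactionId Transaction ID
     */
    public function receipt($transactionId = null) {
        $this->requireLogin();

        $transactionId = $this->parseTransactionId($transactionId);
        if ($transactionId === null) {
            die('Transaction ID required');
        }

        $transaction = $this->transactionModel->getTransactionById($transactionId);

        if (!$transaction) {
            die('Transaction not found');
        }

        $user = $this->getCurrentUser();
        if (!$this->userCanAccessTransaction($user, $transaction)) {
            http_response_code(403);
            die('Access denied');
        }

        $items = $this->transactionModel->getTransactionItems($transactionId);

        $data = [
            'transaction' => $transaction,
            'items' => $items
        ];

        $this->view('transactions/receipt', $data);
    }

    /**
     * Location filter to hand to the model: null for admins, otherwise the
     * user's own location_id.
     *
     * NOTE(review): a non-admin whose location_id is null would also yield
     * null here, the value the admin path uses. Confirm that every
     * non-admin account has a location assigned, or refuse such users.
     *
     * @param array $user Current user record
     * @return mixed null or the user's location_id
     */
    private function locationScopeFor($user) {
        return $user['role_name'] === 'admin' ? null : $user['location_id'];
    }

    /**
     * Decide whether a user may read a given transaction.
     *
     * Admins always may. Anyone else needs a location that matches the
     * transaction's; a missing location on either side is a denial, so a
     * null never compares equal to 0 or an empty string.
     *
     * @param mixed $user        Current user record
     * @param mixed $transaction Transaction record from the model
     * @return bool
     */
    private function userCanAccessTransaction($user, $transaction) {
        if ($user['role_name'] === 'admin') {
            return true;
        }

        $userLocation = $user['location_id'] ?? null;
        $transactionLocation = $transaction['location_id'] ?? null;
        if ($userLocation === null || $transactionLocation === null) {
            return false;
        }

        // Compare as strings: database drivers may return the column as a
        // string while the session holds an int.
        return (string) $userLocation === (string) $transactionLocation;
    }

    /**
     * Earliest date (Y-m-d) a cashier is allowed to list or search.
     *
     * @return string
     */
    private function cashierWindowStart() {
        return date('Y-m-d', strtotime('-7 days'));
    }

    /**
     * Validate a date filter taken from the request.
     *
     * An empty string is passed through unchanged. Any other value must be
     * a real calendar date in strict YYYY-MM-DD form; anything else
     * (arrays, other formats, impossible dates) is replaced by $fallback.
     *
     * @param mixed  $raw      Value from the query string
     * @param string $fallback Date to use when $raw is not acceptable
     * @return string
     */
    private function normalizeFilterDate($raw, $fallback) {
        if (!is_string($raw)) {
            return $fallback;
        }
        if ($raw === '') {
            return $raw;
        }

        $parsed = DateTime::createFromFormat('!Y-m-d', $raw);
        // Round-trip check rejects values such as 2024-02-31 or 2024-1-05.
        if ($parsed === false || $parsed->format('Y-m-d') !== $raw) {
            return $fallback;
        }

        return $raw;
    }

    /**
     * Parse a route-supplied transaction ID.
     *
     * @param mixed $raw Value from the router
     * @return int|null Positive integer ID, or null when missing or malformed
     */
    private function parseTransactionId($raw) {
        $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);

        return $id === false ? null : $id;
    }

    /**
     * Reduce a request value to a string; array-valued parameters
     * (e.g. "q[]=x") become an empty string.
     *
     * @param mixed $raw
     * @return string
     */
    private function textInput($raw) {
        return is_string($raw) ? $raw : '';
    }
}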
?>
