from rest_framework import viewsets, status
from rest_framework.decorators import action
from rest_framework.response import Response

from djeveric import ConfirmationView
from userausfall.models import User, MissingUserAttribute, PasswordMismatch
from userausfall.confirmations import ConfidantConfirmation
from userausfall.rest_api.serializers import (
    ActivateUserSerializer,
    CreateUserSerializer,
    TrustBridgeSerializer, RetrieveUserSerializer,
)


class ConfidantConfirmationView(ConfirmationView):
    confirmation_class = ConfidantConfirmation


class UserViewSet(viewsets.ModelViewSet):
    # permission_classes = [UserPermission]
    queryset = User.objects.all()

    @action(detail=False)
    def me(self, request):
        """Retrieve user data for logged in user."""
        user = request.user
        serializer = RetrieveUserSerializer(user)
        return Response(serializer.data)

    @action(detail=False, methods=["post"])
    def activate(self, request, pk=None):
        """Create the corresponding LDAP account."""
        user: User = request.user  # self.get_object()
        serializer = ActivateUserSerializer(data=request.data)
        if serializer.is_valid():
            try:
                # We prevent untrusted user accounts from being activated via API.
                # They might be activated via Admin or programmatically.
                if not user.trust_bridge.is_trusted:
                    raise MissingUserAttribute("User has no trusted trust bridge.")
                user.create_ldap_account(serializer.validated_data["password"])
            except (MissingUserAttribute, PasswordMismatch) as e:
                return Response({"message": str(e)}, status=status.HTTP_400_BAD_REQUEST)
            return Response(status=status.HTTP_204_NO_CONTENT)
        else:
            return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)

    def get_serializer_class(self):
        if self.action == "create":
            return CreateUserSerializer