from django.http import HttpResponseRedirect, HttpResponseForbidden, HttpResponse
from django.shortcuts import render
from .models import User, Company
from .model_handler import UserHandler, CompanyHandler
from django.contrib.auth.hashers import make_password, check_password


def new_user(request):
    user = UserHandler.get_by_id(request.session.get('user_id'))
    if not user.admin:
        return HttpResponse(status=403)
    if request.method == 'GET':
        return render(request, 'info/company/user_create.html')
    if request.method == 'POST':
        company = CompanyHandler.get_by_id(request.session.get('company_id'))
        user = User()
        user.name = request.POST.get('name').strip()
        user.email = request.POST.get('email').strip()
        user.mobile = request.POST.get('mobile').strip()
        user.position = request.POST.get('position').strip()
        user.password = make_password('123456')
        user.company = company
        user.save()
        return render(request=request, template_name='info/directPage.html', context={'alertMsg': '用户添加成功，默认密码123456', 'dirLink': '/home/'})


def user_manager(request):
    user = UserHandler.get_by_id(request.session.get('user_id'))
    if not user.admin:
        return HttpResponse(status=403)
    if request.method == 'GET':
        return render(request, 'info/company/user_manager.html')

def profile(request):
    user = UserHandler.get_by_id(request.session.get('user_id'))
    company = CompanyHandler.get_by_id(request.session.get('company_id'))
    if not user.admin:
        return HttpResponse(status=403)
    if request.method == 'GET':
        return render(request, 'info/company/profile.html', {'company': company})
    if request.method == 'POST':
        company.name = request.POST.get('company_name').strip()
        company.address = request.POST.get('company_address').strip()
        company.license_id = request.POST.get('company_license').strip()
        company.phone = request.POST.get('phone').strip()
        company.primary_contact_name = request.POST.get('primary_contact_name').strip()
        company.primary_contact_mobile = request.POST.get('primary_contact_mobile').strip()
        company.primary_contact_email = request.POST.get('primary_contact_email').strip()
        company.save()
        return render(request=request, template_name='info/directPage.html', context={'alertMsg': '更新成功', 'dirLink': '/home/'})