"""
تطبيق Flask لمتجر المنتجات الرقمية + لوحة تحكم متصلة بقاعدة بيانات SQLite.

التشغيل:
    pip install -r requirements.txt
    python app.py
ثم افتح:  http://127.0.0.1:5000        (المتجر)
          http://127.0.0.1:5000/admin  (لوحة التحكم)
"""
import json
from flask import Flask, render_template, request, jsonify, g
from database import init_db, get_db

app = Flask(__name__)


# ---------- إدارة الاتصال ----------
@app.before_request
def _open_db():
    g.db = get_db()


@app.teardown_request
def _close_db(exc):
    db = g.pop("db", None)
    if db is not None:
        db.close()


def rows(sql, args=()):
    return [dict(r) for r in g.db.execute(sql, args).fetchall()]


def row(sql, args=()):
    r = g.db.execute(sql, args).fetchone()
    return dict(r) if r else None


# ============================================================
#  الصفحات
# ============================================================
@app.route("/")
def store():
    return render_template("index.html")


@app.route("/admin")
def admin():
    return render_template("admin.html")


# ============================================================
#  الإعدادات
# ============================================================
@app.route("/api/settings", methods=["GET"])
def get_settings():
    data = {r["key"]: r["value"] for r in g.db.execute("SELECT key,value FROM settings")}
    return jsonify(data)


@app.route("/api/settings", methods=["PUT"])
def update_settings():
    payload = request.get_json(force=True) or {}
    for k, v in payload.items():
        g.db.execute(
            "INSERT INTO settings(key,value) VALUES(?,?) "
            "ON CONFLICT(key) DO UPDATE SET value=excluded.value",
            (k, str(v)),
        )
    g.db.commit()
    return jsonify({"ok": True})


# ============================================================
#  المنتجات (CRUD)
# ============================================================
@app.route("/api/products", methods=["GET"])
def list_products():
    return jsonify(rows("SELECT * FROM products ORDER BY id DESC"))


@app.route("/api/products", methods=["POST"])
def create_product():
    d = request.get_json(force=True) or {}
    cur = g.db.execute(
        "INSERT INTO products(name,category,price,old_price,rating,featured,badge,emoji,description)"
        " VALUES(?,?,?,?,?,?,?,?,?)",
        (d.get("name", "منتج"), d.get("category", "عام"), d.get("price", 0),
         d.get("old_price", 0), d.get("rating", 5), int(bool(d.get("featured"))),
         d.get("badge", ""), d.get("emoji", "📦"), d.get("description", "")),
    )
    g.db.commit()
    return jsonify(row("SELECT * FROM products WHERE id=?", (cur.lastrowid,))), 201


@app.route("/api/products/<int:pid>", methods=["PUT"])
def update_product(pid):
    d = request.get_json(force=True) or {}
    g.db.execute(
        "UPDATE products SET name=?,category=?,price=?,old_price=?,rating=?,"
        "featured=?,badge=?,emoji=?,description=? WHERE id=?",
        (d.get("name"), d.get("category"), d.get("price"), d.get("old_price"),
         d.get("rating"), int(bool(d.get("featured"))), d.get("badge"),
         d.get("emoji"), d.get("description"), pid),
    )
    g.db.commit()
    return jsonify(row("SELECT * FROM products WHERE id=?", (pid,)))


@app.route("/api/products/<int:pid>", methods=["DELETE"])
def delete_product(pid):
    g.db.execute("DELETE FROM products WHERE id=?", (pid,))
    g.db.commit()
    return jsonify({"ok": True})


# ============================================================
#  الخدمات (CRUD)
# ============================================================
@app.route("/api/services", methods=["GET"])
def list_services():
    return jsonify(rows("SELECT * FROM services ORDER BY id"))


@app.route("/api/services", methods=["POST"])
def create_service():
    d = request.get_json(force=True) or {}
    cur = g.db.execute(
        "INSERT INTO services(title,emoji,description) VALUES(?,?,?)",
        (d.get("title", "خدمة"), d.get("emoji", "✨"), d.get("description", "")),
    )
    g.db.commit()
    return jsonify(row("SELECT * FROM services WHERE id=?", (cur.lastrowid,))), 201


@app.route("/api/services/<int:sid>", methods=["PUT"])
def update_service(sid):
    d = request.get_json(force=True) or {}
    g.db.execute(
        "UPDATE services SET title=?,emoji=?,description=? WHERE id=?",
        (d.get("title"), d.get("emoji"), d.get("description"), sid),
    )
    g.db.commit()
    return jsonify(row("SELECT * FROM services WHERE id=?", (sid,)))


@app.route("/api/services/<int:sid>", methods=["DELETE"])
def delete_service(sid):
    g.db.execute("DELETE FROM services WHERE id=?", (sid,))
    g.db.commit()
    return jsonify({"ok": True})


# ============================================================
#  العملاء والطلبات (Checkout)
# ============================================================
@app.route("/api/customers", methods=["GET"])
def list_customers():
    return jsonify(rows(
        "SELECT c.*, "
        "(SELECT COUNT(*) FROM orders o WHERE o.customer_id=c.id) AS orders_count, "
        "(SELECT COALESCE(SUM(total),0) FROM orders o WHERE o.customer_id=c.id) AS total_spent "
        "FROM customers c ORDER BY c.id DESC"
    ))


@app.route("/api/orders", methods=["GET"])
def list_orders():
    return jsonify(rows(
        "SELECT o.*, c.name AS customer_name, c.email AS customer_email "
        "FROM orders o LEFT JOIN customers c ON c.id=o.customer_id ORDER BY o.id DESC"
    ))


@app.route("/api/checkout", methods=["POST"])
def checkout():
    """ينشئ عميلاً (أو يحدّثه) وطلباً بالعناصر المختارة."""
    d = request.get_json(force=True) or {}
    name = (d.get("name") or "").strip() or "عميل"
    email = (d.get("email") or "").strip()
    phone = (d.get("phone") or "").strip()
    items = d.get("items", [])
    if not items:
        return jsonify({"error": "السلة فارغة"}), 400

    # عميل: حدّث إن وُجد البريد، وإلا أنشئ
    cust = row("SELECT * FROM customers WHERE email=?", (email,)) if email else None
    if cust:
        g.db.execute("UPDATE customers SET name=?,phone=? WHERE id=?", (name, phone, cust["id"]))
        cid = cust["id"]
    else:
        cur = g.db.execute(
            "INSERT INTO customers(name,email,phone) VALUES(?,?,?)", (name, email, phone)
        )
        cid = cur.lastrowid

    total = sum(float(i.get("price", 0)) * int(i.get("qty", 1)) for i in items)
    cur = g.db.execute(
        "INSERT INTO orders(customer_id,total,status,items_json) VALUES(?,?,?,?)",
        (cid, total, "جديد", json.dumps(items, ensure_ascii=False)),
    )
    g.db.commit()
    return jsonify({"ok": True, "order_id": cur.lastrowid, "total": total}), 201


@app.route("/api/orders/<int:oid>", methods=["PUT"])
def update_order(oid):
    d = request.get_json(force=True) or {}
    g.db.execute("UPDATE orders SET status=? WHERE id=?", (d.get("status", "جديد"), oid))
    g.db.commit()
    return jsonify({"ok": True})


# ============================================================
#  الرسائل (الدردشة / نموذج التواصل)
# ============================================================
@app.route("/api/messages", methods=["GET"])
def list_messages():
    return jsonify(rows("SELECT * FROM messages ORDER BY id DESC LIMIT 200"))


@app.route("/api/messages", methods=["POST"])
def create_message():
    d = request.get_json(force=True) or {}
    if not (d.get("body") or "").strip():
        return jsonify({"error": "الرسالة فارغة"}), 400
    g.db.execute(
        "INSERT INTO messages(name,email,body,source) VALUES(?,?,?,?)",
        (d.get("name", "زائر"), d.get("email", ""), d["body"], d.get("source", "chat")),
    )
    g.db.commit()
    return jsonify({"ok": True})


# ============================================================
#  إحصائيات لوحة التحكم
# ============================================================
@app.route("/api/stats", methods=["GET"])
def stats():
    return jsonify({
        "products": row("SELECT COUNT(*) c FROM products")["c"],
        "featured": row("SELECT COUNT(*) c FROM products WHERE featured=1")["c"],
        "services": row("SELECT COUNT(*) c FROM services")["c"],
        "customers": row("SELECT COUNT(*) c FROM customers")["c"],
        "orders": row("SELECT COUNT(*) c FROM orders")["c"],
        "revenue": row("SELECT COALESCE(SUM(total),0) s FROM orders")["s"],
        "messages": row("SELECT COUNT(*) c FROM messages")["c"],
    })


if __name__ == "__main__":
    init_db()
    app.run(host="0.0.0.0", port=5000, debug=True)