from rest_framework import status
from rest_framework.response import Response
from rest_framework.views import APIView
from rest_framework.permissions import IsAuthenticated
from django.contrib.auth import get_user_model
from apps.core.serializers.updateuserbysuperadmin import SuperAdminUserUpdateSerializer

User = get_user_model()


class SuperAdminUserUpdateView(APIView):
    permission_classes = [IsAuthenticated]

    def patch(self, request, user_id):
        # Check if user is super admin OR has manage_users permission
        if not (request.user.is_superuser or request.user.has_company_permission('manage_users')):
            return Response(
                {'error': 'You do not have permission to update user'},
                status=status.HTTP_403_FORBIDDEN
            )

        try:
            user = User.objects.get(id=user_id)
        except User.DoesNotExist:
            return Response({'error': 'User not found'}, status=status.HTTP_404_NOT_FOUND)

        serializer = SuperAdminUserUpdateSerializer(user, data=request.data, partial=True, context={'request': request})

        if serializer.is_valid():
            updated_user = serializer.save()

            # Prepare response
            response_data = {
                'message': 'User updated successfully',
                'user': serializer.data
            }

            # Add warnings if any
            if hasattr(updated_user, '_company_warnings'):
                response_data['warnings'] = updated_user._company_warnings

            return Response(response_data, status=status.HTTP_200_OK)

        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)