# coding=utf-8
# --------------------------------------------------------------------------------------------
# Copyright (c) Microsoft Corporation. All rights reserved.
# Licensed under the MIT License. See License.txt in the project root for license information.
# --------------------------------------------------------------------------------------------

from knack.log import get_logger
from azext_iot.common.utility import handle_service_exception
from azext_iot.deviceupdate.common import ADUPublicNetworkAccessType, ADUAccountSKUType
from azext_iot.deviceupdate.providers.base import (
    DeviceUpdateMgmtModels,
    DeviceUpdateAccountManager,
    parse_account_rg,
    ARMPolling,
    AzureError,
)
from typing import Optional

logger = get_logger(__name__)

# Accounts


def create_account(
    cmd,
    name: str,
    resource_group_name: str,
    location: Optional[str] = None,
    tags: Optional[dict] = None,
    public_network_access: str = ADUPublicNetworkAccessType.ENABLED.value,
    assign_identity: Optional[list] = None,
    scopes: Optional[list] = None,
    role: str = "Contributor",
    sku: str = ADUAccountSKUType.STANDARD.value,
):
    account_manager = DeviceUpdateAccountManager(cmd=cmd)
    if not location:
        location = account_manager.get_rg_location(resource_group_name=resource_group_name)

    account_manager = DeviceUpdateAccountManager(cmd=cmd)
    identity = account_manager.assemble_account_auth(assign_identity)
    account = DeviceUpdateMgmtModels.Account(
        location=location, tags=tags, public_network_access=public_network_access, identity=identity, sku=sku
    )

    def rbac_handler(lro: ARMPolling):
        if not scopes:
            return

        instance = lro.resource().as_dict()
        identity = instance.get("identity", {})
        if identity:
            identity_type: str = identity.get("type")
            principal_id: str = identity.get("principal_id")

            if principal_id and scopes and identity_type and "SystemAssigned" in identity_type:
                for scope in scopes:
                    logger.info(
                        "Applying rbac assignment: Principal Id: {}, Scope: {}, Role: {}".format(
                            principal_id, scope, role
                        )
                    )
                    logger.info(account_manager.assign_msi_scope(scope=scope, principal_id=principal_id, role=role))

    try:
        create_poller = account_manager.mgmt_client.accounts.begin_create(
            resource_group_name=resource_group_name, account_name=name, account=account
        )
        create_poller.add_done_callback(rbac_handler)
        return create_poller
    except AzureError as e:
        handle_service_exception(e)


def update_account(cmd, parameters: DeviceUpdateMgmtModels.Account):
    account_manager = DeviceUpdateAccountManager(cmd=cmd)

    # Supported update operations are PUT or PATCH based. CLI wise we are supporting only PUT.
    try:
        return account_manager.mgmt_client.accounts.begin_create(
            resource_group_name=parse_account_rg(parameters.id),
            account_name=parameters.name,
            account=parameters,
        )
    except AzureError as e:
        handle_service_exception(e)


def list_accounts(cmd, resource_group_name: Optional[str] = None):
    account_manager = DeviceUpdateAccountManager(cmd=cmd)
    try:
        if resource_group_name:
            return account_manager.mgmt_client.accounts.list_by_resource_group(resource_group_name=resource_group_name)
        return account_manager.mgmt_client.accounts.list_by_subscription()
    except AzureError as e:
        handle_service_exception(e)


def show_account(cmd, name: str, resource_group_name: Optional[str] = None):
    account_manager = DeviceUpdateAccountManager(cmd=cmd)
    return account_manager.find_account(target_name=name, target_rg=resource_group_name).account


def delete_account(cmd, name: str, resource_group_name: Optional[str] = None):
    account_manager = DeviceUpdateAccountManager(cmd=cmd)
    account_container = account_manager.find_account(target_name=name, target_rg=resource_group_name)
    try:
        return account_manager.mgmt_client.accounts.begin_delete(
            resource_group_name=account_container.resource_group, account_name=name
        )
    except AzureError as e:
        handle_service_exception(e)


def wait_on_account(cmd, name: str, resource_group_name: Optional[str] = None):
    return show_account(cmd=cmd, name=name, resource_group_name=resource_group_name)


def show_account_private_connection(cmd, name: str, conn_name: str, resource_group_name: Optional[str] = None):
    account_manager = DeviceUpdateAccountManager(cmd=cmd)
    account_container = account_manager.find_account(target_name=name, target_rg=resource_group_name)
    try:
        return account_manager.mgmt_client.private_endpoint_connections.get(
            resource_group_name=account_container.resource_group,
            account_name=name,
            private_endpoint_connection_name=conn_name,
        )
    except AzureError as e:
        handle_service_exception(e)


def list_account_private_connections(cmd, name: str, resource_group_name: Optional[str] = None):
    account_manager = DeviceUpdateAccountManager(cmd=cmd)
    account_container = account_manager.find_account(target_name=name, target_rg=resource_group_name)
    try:
        return account_manager.mgmt_client.private_endpoint_connections.list_by_account(
            resource_group_name=account_container.resource_group, account_name=name
        )
    except AzureError as e:
        handle_service_exception(e)


def set_account_private_connection(
    cmd,
    name: str,
    conn_name: str,
    status: str,
    description: Optional[str] = None,
    resource_group_name: Optional[str] = None,
):
    account_manager = DeviceUpdateAccountManager(cmd=cmd)
    account_container = account_manager.find_account(target_name=name, target_rg=resource_group_name)
    try:
        return account_manager.mgmt_client.private_endpoint_connections.begin_create_or_update(
            resource_group_name=account_container.resource_group,
            account_name=name,
            private_endpoint_connection_name=conn_name,
            private_endpoint_connection=DeviceUpdateMgmtModels.PrivateEndpointConnection(
                private_link_service_connection_state=DeviceUpdateMgmtModels.PrivateLinkServiceConnectionState(
                    status=status, description=description
                )
            ),
        )
    except AzureError as e:
        handle_service_exception(e)


def delete_account_private_connection(
    cmd,
    name: str,
    conn_name: str,
    resource_group_name: Optional[str] = None,
):
    account_manager = DeviceUpdateAccountManager(cmd=cmd)
    account_container = account_manager.find_account(target_name=name, target_rg=resource_group_name)
    try:
        return account_manager.mgmt_client.private_endpoint_connections.begin_delete(
            resource_group_name=account_container.resource_group,
            account_name=name,
            private_endpoint_connection_name=conn_name,
        )
    except AzureError as e:
        handle_service_exception(e)


def list_account_private_links(cmd, name: str, resource_group_name: Optional[str] = None):
    account_manager = DeviceUpdateAccountManager(cmd=cmd)
    account_container = account_manager.find_account(target_name=name, target_rg=resource_group_name)
    try:
        return account_manager.mgmt_client.private_link_resources.list_by_account(
            resource_group_name=account_container.resource_group, account_name=name
        )
    except AzureError as e:
        handle_service_exception(e)