<?php

use Illuminate\Support\Facades\Route;
use App\Http\Controllers\DashboardController;
use App\Http\Controllers\AuthController;  //Access
use App\Http\Controllers\UserController;
use App\Http\Middleware\ForcePasswordChange;
use App\Http\Controllers\RoleController;
use App\Http\Controllers\CompanySettingsController;
use App\Http\Controllers\ProfileController;

use App\Http\Controllers\ProductController; //invetory products
use App\Http\Controllers\StockMovementController;
use App\Http\Controllers\POSController;
use App\Http\Controllers\ReportController;

// 1. The Root URL: Automatically send visitors to the dashboard.
// (If they aren't logged in, Laravel's 'auth' middleware will bounce them to /login)
Route::get('/', function () {
    return redirect('/dashboard');
});

// 2. Guest Routes (Only visible if NOT logged in)
Route::middleware('guest')->group(function () {
    // Now the visual form lives at /login
    Route::get('/login', [AuthController::class, 'show'])->name('login');
    
    // The form submits data to /login via POST
    Route::post('/login', [AuthController::class, 'authenticate']);
});

// 3. Authenticated Routes for authenticated users (Only visible IF logged in)
Route::middleware('auth')->group(function () {
    
    // --> THE NEW SETUP ROUTES <--
    Route::get('/setup-password', [AuthController::class, 'setupPassword'])->name('password.setup');
    Route::post('/setup-password', [AuthController::class, 'updatePassword'])->name('password.update');
    Route::post('/logout', [AuthController::class, 'logout'])->name('logout');

    // --> PROTECTED BY OUR NEW MIDDLEWARE <--
    Route::middleware(ForcePasswordChange::class)->group(function () {
       
    Route::get('/dashboard', [DashboardController::class, 'index'])->name('dashboard');
       // Route::get('/dashboard', function () {
       //     return view('dashboard');
       // })->name('dashboard');

        // User Management Routes
        Route::get('/users', [UserController::class, 'index'])->name('users.index');
        Route::post('/users', [UserController::class, 'store'])->name('users.store');
        Route::patch('/users/{user}/toggle-status', [UserController::class, 'toggleStatus'])->name('users.toggle');
        Route::delete('/users/{user}', [UserController::class, 'destroy'])->name('users.destroy');

        // Role Management Routes
        Route::get('/roles', [RoleController::class, 'index'])->name('roles.index');
        Route::post('/roles', [RoleController::class, 'store'])->name('roles.store');
        Route::put('/users/{user}', [UserController::class, 'update'])->name('users.update');
        Route::get('/roles/{role}/edit', [RoleController::class, 'edit'])->name('roles.edit');
        Route::put('/roles/{role}', [RoleController::class, 'update'])->name('roles.update');

        // Company Tenant Settings
        Route::get('/organization/settings', [CompanySettingsController::class, 'edit'])->name('company.settings');
        Route::put('/organization/settings', [CompanySettingsController::class, 'update'])->name('company.update');

        // Profile Management Routes
        Route::get('/profile', [ProfileController::class, 'edit'])->name('profile.edit');
        Route::put('/profile', [ProfileController::class, 'update'])->name('profile.update');

      
        // INVENTORY & PRODUCT ROUTES
        Route::get('/inventory/products', [ProductController::class, 'index'])->name('products.index');
        Route::post('/inventory/products', [ProductController::class, 'store'])->name('products.store');
        Route::post('/inventory/restock', [StockMovementController::class, 'store'])->name('stock.store');
        Route::put('/inventory/products/{product}', [ProductController::class, 'update'])->name('products.update');
        Route::get('/inventory/pos', [POSController::class, 'index'])->name('pos.index');
        Route::post('/inventory/pos/checkout', [POSController::class, 'checkout'])->name('pos.checkout');
        Route::get('/inventory/reports', [ReportController::class, 'index'])->name('reports.index');
        
        // Only users with the 'manage_inventory' permission can access the catalog
        Route::middleware('can:manage_inventory')->group(function () {
        Route::get('/inventory/products', [ProductController::class, 'index'])->name('products.index');
        // ... store, update, destroy routes
       });

        // Only users with the 'view_reports' permission can see financials
       Route::middleware('can:view_reports')->group(function () {
       Route::get('/inventory/reports', [ReportController::class, 'index'])->name('reports.index');

       Route::get('/inventory/products/{product}/analytics', [App\Http\Controllers\ProductController::class, 'analytics'])->name('products.analytics');
        
         // Only users with 'view_audit_log' can see the security logs
       Route::get('/security/audit-log', [App\Http\Controllers\SecurityLogController::class, 'index'])->name('audit.log');
       });

       // Only users with 'process_pos' can use the checkout
       Route::middleware('can:process_pos')->group(function () {
       Route::get('/inventory/pos', [POSController::class, 'index'])->name('pos.index');
       Route::post('/inventory/pos/checkout', [POSController::class, 'checkout'])->name('pos.checkout');
       });
    });
});

