package server

import (
	"github.com/gorilla/mux"
)

// setupRoutes configures all HTTP routes and their handlers
func (s *Server) setupRoutes() *mux.Router {
	router := mux.NewRouter()

	// Health endpoint (always available)
	router.HandleFunc("/health", s.healthHandler).Methods("GET")

	// KV endpoints (always available - see issue #5 for anonymous access control)
	router.HandleFunc("/kv/{path:.+}", s.getKVHandler).Methods("GET")
	router.HandleFunc("/kv/{path:.+}", s.putKVHandler).Methods("PUT")
	router.HandleFunc("/kv/{path:.+}", s.deleteKVHandler).Methods("DELETE")

	// Member endpoints (available when clustering is enabled)
	if s.config.ClusteringEnabled {
		router.HandleFunc("/members/", s.getMembersHandler).Methods("GET")
		router.HandleFunc("/members/join", s.joinMemberHandler).Methods("POST")
		router.HandleFunc("/members/leave", s.leaveMemberHandler).Methods("DELETE")
		router.HandleFunc("/members/gossip", s.gossipHandler).Methods("POST")
		router.HandleFunc("/members/pairs_by_time", s.pairsByTimeHandler).Methods("POST")

		// Merkle Tree endpoints (clustering feature)
		router.HandleFunc("/merkle_tree/root", s.getMerkleRootHandler).Methods("GET")
		router.HandleFunc("/merkle_tree/diff", s.getMerkleDiffHandler).Methods("POST")
		router.HandleFunc("/kv_range", s.getKVRangeHandler).Methods("POST")
	}

	// Authentication and user management endpoints (available when auth is enabled)
	if s.config.AuthEnabled {
		// User Management endpoints (with authentication middleware)
		router.Handle("/api/users", s.authService.Middleware(
			[]string{"admin:users:create"}, nil, "",
		)(s.createUserHandler)).Methods("POST")
		
		router.Handle("/api/users/{uuid}", s.authService.Middleware(
			[]string{"admin:users:read"}, nil, "",
		)(s.getUserHandler)).Methods("GET")
		
		router.Handle("/api/users/{uuid}", s.authService.Middleware(
			[]string{"admin:users:update"}, nil, "",
		)(s.updateUserHandler)).Methods("PUT")
		
		router.Handle("/api/users/{uuid}", s.authService.Middleware(
			[]string{"admin:users:delete"}, nil, "",
		)(s.deleteUserHandler)).Methods("DELETE")

		// Group Management endpoints (with authentication middleware)
		router.Handle("/api/groups", s.authService.Middleware(
			[]string{"admin:groups:create"}, nil, "",
		)(s.createGroupHandler)).Methods("POST")
		
		router.Handle("/api/groups/{uuid}", s.authService.Middleware(
			[]string{"admin:groups:read"}, nil, "",
		)(s.getGroupHandler)).Methods("GET")
		
		router.Handle("/api/groups/{uuid}", s.authService.Middleware(
			[]string{"admin:groups:update"}, nil, "",
		)(s.updateGroupHandler)).Methods("PUT")
		
		router.Handle("/api/groups/{uuid}", s.authService.Middleware(
			[]string{"admin:groups:delete"}, nil, "",
		)(s.deleteGroupHandler)).Methods("DELETE")

		// Token Management endpoints (with authentication middleware)
		router.Handle("/api/tokens", s.authService.Middleware(
			[]string{"admin:tokens:create"}, nil, "",
		)(s.createTokenHandler)).Methods("POST")
	}

	// Revision History endpoints (available when revision history is enabled)
	if s.config.RevisionHistoryEnabled {
		router.HandleFunc("/api/data/{key}/history", s.getRevisionHistoryHandler).Methods("GET")
		router.HandleFunc("/api/data/{key}/history/{revision}", s.getSpecificRevisionHandler).Methods("GET")
	}

	// Backup Status endpoint (always available if backup is enabled)
	router.HandleFunc("/api/backup/status", s.getBackupStatusHandler).Methods("GET")

	return router
}