<cfsetting showdebugoutput="false">
<cfsetting enablecfoutputonly="true">
<cfcontent type="application/json; charset=utf-8" reset="true">

<cfscript>
/**
 * Seed Data Script - DEV ONLY
 *
 * Creates test users and data for development testing.
 * This endpoint is disabled on production.
 *
 * GET: Returns current seed data info
 * POST: { "action": "seed" } - Creates seed data
 * POST: { "action": "reset" } - Clears all test data and re-seeds
 */

function apiAbort(required struct payload) {
    writeOutput(serializeJSON(payload));
    abort;
}

// SAFETY: Only allow on dev environment
if (!structKeyExists(application, "isDevEnvironment") || !application.isDevEnvironment) {
    apiAbort({
        "OK": false,
        "ERROR": "forbidden",
        "MESSAGE": "This endpoint is only available in development"
    });
}

function readJsonBody() {
    var raw = getHttpRequestData().content;
    if (isNull(raw)) raw = "";
    if (!len(trim(raw))) return {};
    try {
        var data = deserializeJSON(raw);
        if (isStruct(data)) return data;
    } catch (any e) {}
    return {};
}

function createTestUser(phone, firstName, lastName, isVerified = true) {
    var userUUID = replace(createUUID(), "-", "", "all");

    queryExecute("
        INSERT INTO Users (
            ContactNumber,
            UUID,
            FirstName,
            LastName,
            IsContactVerified,
            IsEmailVerified,
            IsActive,
            AddedOn,
            Password,
            PromoCode,
            MobileVerifyCode
        ) VALUES (
            :phone,
            :uuid,
            :firstName,
            :lastName,
            :isVerified,
            0,
            :isVerified,
            :addedOn,
            '',
            :promoCode,
            '123456'
        )
    ", {
        phone: { value: phone, cfsqltype: "cf_sql_varchar" },
        uuid: { value: userUUID, cfsqltype: "cf_sql_varchar" },
        firstName: { value: firstName, cfsqltype: "cf_sql_varchar" },
        lastName: { value: lastName, cfsqltype: "cf_sql_varchar" },
        isVerified: { value: isVerified ? 1 : 0, cfsqltype: "cf_sql_integer" },
        addedOn: { value: now(), cfsqltype: "cf_sql_timestamp" },
        promoCode: { value: randRange(1000000, 9999999), cfsqltype: "cf_sql_varchar" }
    }, { datasource: "payfrit" });

    return userUUID;
}

function seedTestData() {
    var created = [];

    // Test User 1: Magic phone (always works with OTP 123456)
    try {
        createTestUser("5555555555", "Magic", "User", true);
        arrayAppend(created, "Magic User (5555555555)");
    } catch (any e) {
        if (e.message contains "Duplicate") {
            arrayAppend(created, "Magic User already exists");
        } else {
            arrayAppend(created, "Magic User failed: " & e.message);
        }
    }

    // Test User 2: Regular verified user
    try {
        createTestUser("5551234567", "Test", "Customer", true);
        arrayAppend(created, "Test Customer (5551234567)");
    } catch (any e) {
        if (e.message contains "Duplicate") {
            arrayAppend(created, "Test Customer already exists");
        } else {
            arrayAppend(created, "Test Customer failed: " & e.message);
        }
    }

    // Test User 3: Unverified user (for testing signup flow)
    try {
        createTestUser("5559876543", "", "", false);
        arrayAppend(created, "Unverified User (5559876543)");
    } catch (any e) {
        if (e.message contains "Duplicate") {
            arrayAppend(created, "Unverified User already exists");
        } else {
            arrayAppend(created, "Unverified User failed: " & e.message);
        }
    }

    return created;
}

function resetTestData() {
    // Delete test users (by phone prefix 555)
    queryExecute("
        DELETE FROM Users
        WHERE ContactNumber LIKE '555%'
    ", {}, { datasource: "payfrit" });

    return seedTestData();
}

function getTestDataInfo() {
    var qUsers = queryExecute("
        SELECT ID, ContactNumber, FirstName, LastName,
               IsContactVerified, UUID
        FROM Users
        WHERE ContactNumber LIKE '555%'
        ORDER BY ContactNumber
    ", {}, { datasource: "payfrit" });

    var users = [];
    for (var row in qUsers) {
        arrayAppend(users, {
            "phone": row.ContactNumber,
            "name": trim(row.FirstName & " " & row.LastName),
            "verified": row.IsContactVerified == 1,
            "uuid": row.UUID
        });
    }

    return users;
}

try {
    requestMethod = cgi.request_method;

    if (requestMethod == "GET") {
        // Return current test data info
        writeOutput(serializeJSON({
            "OK": true,
            "testUsers": getTestDataInfo(),
            "magicOTP": application.MAGIC_OTP_CODE,
            "magicPhones": application.MAGIC_PHONE_NUMBERS
        }));
    } else if (requestMethod == "POST") {
        data = readJsonBody();
        action = structKeyExists(data, "action") ? lcase(data.action) : "seed";

        if (action == "reset") {
            created = resetTestData();
            writeOutput(serializeJSON({
                "OK": true,
                "action": "reset",
                "created": created,
                "testUsers": getTestDataInfo()
            }));
        } else {
            created = seedTestData();
            writeOutput(serializeJSON({
                "OK": true,
                "action": "seed",
                "created": created,
                "testUsers": getTestDataInfo()
            }));
        }
    } else {
        apiAbort({
            "OK": false,
            "ERROR": "method_not_allowed",
            "MESSAGE": "Use GET to view or POST to seed"
        });
    }

} catch (any e) {
    apiAbort({
        "OK": false,
        "ERROR": "server_error",
        "MESSAGE": application.showDetailedErrors ? e.message : "An error occurred",
        "DETAIL": application.showDetailedErrors ? e.detail : ""
    });
}
</cfscript>