from django.core.management.base import BaseCommand
from django.contrib.auth.models import Permission
from hr.models import Department, Employee
from accounts.models import CustomUser


class Command(BaseCommand):
    help = 'Grant superuser privileges to Management department employees and ensure all permissions'

    def add_arguments(self, parser):
        parser.add_argument(
            '--username',
            type=str,
            help='Grant superuser privileges to specific username',
        )
        parser.add_argument(
            '--all-management',
            action='store_true',
            help='Grant superuser privileges to all Management department employees',
        )

    def handle(self, *args, **options):
        username = options.get('username')
        all_management = options.get('all_management')

        if username:
            # Grant superuser privileges to specific user
            try:
                user = CustomUser.objects.get(username=username)
                user.is_superuser = True
                user.is_staff = True
                user.role = 'admin'
                user.save()
                
                self.stdout.write(
                    self.style.SUCCESS(f'Successfully granted superuser privileges to: {username}')
                )
            except CustomUser.DoesNotExist:
                self.stdout.write(
                    self.style.ERROR(f'User not found: {username}')
                )
                return

        elif all_management:
            # Grant superuser privileges to all Management department employees
            try:
                management_dept = Department.objects.get(name='Management')
                management_employees = Employee.objects.filter(
                    department=management_dept,
                    employment_status='active'
                )
                
                updated_count = 0
                for employee in management_employees:
                    if employee.user:
                        employee.user.is_superuser = True
                        employee.user.is_staff = True
                        employee.user.role = 'admin'
                        employee.user.save()
                        updated_count += 1
                        self.stdout.write(f'Granted superuser privileges to: {employee.full_name}')
                
                self.stdout.write(
                    self.style.SUCCESS(f'Successfully updated {updated_count} Management employees with superuser privileges!')
                )
                
            except Department.DoesNotExist:
                self.stdout.write(
                    self.style.ERROR('Management department not found. Please create it first.')
                )
        else:
            self.stdout.write(
                self.style.WARNING('Please specify either --username or --all-management')
            )

        # Display all current superusers
        superusers = CustomUser.objects.filter(is_superuser=True)
        self.stdout.write('\nCurrent Superusers:')
        for user in superusers:
            self.stdout.write(f'- {user.username} ({user.get_full_name() or "No name"})')