/**
 * Feedback Routes
 *
 * Express router for the governed feedback system (autonomous / deliberation /
 * human pathways). Three groups of endpoints are registered:
 *   - public: submit feedback, check its status
 *   - admin:  stats, queue, list, read, respond, deliberate, vote, update, delete
 *   - AI:     hand an AI-generated response to the controller for validation
 *
 * Middleware runs in the order it is listed on each route, so every access
 * check sits in front of the controller it protects.
 */
const express = require('express');
const router = express.Router();

const feedbackController = require('../controllers/feedback.controller');
const { authenticateToken, requireRole } = require('../middleware/auth.middleware');
const { validateRequired } = require('../middleware/validation.middleware');
const { asyncHandler } = require('../middleware/error.middleware');
const { createInputValidationMiddleware } = require('../middleware/input-validation.middleware');
const { formRateLimiter } = require('../middleware/rate-limit.middleware');
const { csrfProtection } = require('../middleware/csrf-protection.middleware');

// Access-control chains shared by the protected routes. Each one is a factory
// rather than a shared array so that requireRole() is still invoked once per
// route, and the result is spread into the route's argument list, which gives
// Express exactly the same middleware sequence as listing the two guards inline.
const adminOrModerator = () => [authenticateToken, requireRole('admin', 'moderator')];
const adminOnly = () => [authenticateToken, requireRole('admin')];
const adminOrAiAgent = () => [authenticateToken, requireRole('admin', 'ai_agent')];

/**
 * Public Routes
 */

// Field rules for a feedback submission. The 'name' and 'email' type names are
// interpreted by input-validation.middleware, which is not part of this file.
const submitSchema = {
  type: { required: true, type: 'string', maxLength: 50 },
  content: { required: true, type: 'string', maxLength: 5000 },
  name: { required: false, type: 'name', maxLength: 100 },
  email: { required: false, type: 'email', maxLength: 254 }
};

// POST /api/feedback/submit - Submit feedback (public)
// Unauthenticated write path, so it carries the full chain: rate limit first
// (annotated on this route as 5 requests per minute; the limiter itself is
// configured in rate-limit.middleware), then CSRF validation, then schema
// validation, then the required-field check.
router.post(
  '/submit',
  formRateLimiter,
  csrfProtection,
  createInputValidationMiddleware(submitSchema),
  validateRequired(['type', 'content']),
  asyncHandler(feedbackController.submit)
);

// GET /api/feedback/status/:feedbackId - Check feedback status (public)
// NOTE(review): no rate limiter or parameter validation is attached here. If
// feedback ids are sequential or otherwise guessable, this endpoint lets anyone
// look up the status of other people's submissions - confirm that ids are
// unguessable and that the controller validates :feedbackId.
router.get('/status/:feedbackId', asyncHandler(feedbackController.getStatus));

/**
 * Admin Routes (require authentication)
 *
 * NOTE(review): the state-changing admin routes (POST/PUT/DELETE) do not run
 * csrfProtection. That is fine if authenticateToken only accepts a token from
 * a request header; if it also accepts a cookie, these routes need CSRF
 * validation as well - confirm in auth.middleware.
 * NOTE(review): none of the admin routes run createInputValidationMiddleware,
 * so body validation beyond validateRequired is presumably left to the
 * controller - verify.
 */

// The fixed paths /admin/stats, /admin/queue and /admin/list are registered
// before /admin/:id so that Express does not treat "stats", "queue" or "list"
// as an :id value.

// GET /api/feedback/admin/stats - Get feedback statistics
router.get('/admin/stats', ...adminOrModerator(), asyncHandler(feedbackController.getStats));

// GET /api/feedback/admin/queue - Get feedback queue by pathway
router.get('/admin/queue', ...adminOrModerator(), asyncHandler(feedbackController.getQueue));

// GET /api/feedback/admin/list - List all feedback with filtering
router.get('/admin/list', ...adminOrModerator(), asyncHandler(feedbackController.list));

// GET /api/feedback/admin/:id - Get single feedback
router.get('/admin/:id', ...adminOrModerator(), asyncHandler(feedbackController.getById));

// POST /api/feedback/admin/:id/response - Add response to feedback
// NOTE(review): respondedBy is required from the request body. A responder
// identity supplied by the client can name someone other than the caller; the
// controller should take it from the authenticated user instead - verify.
router.post(
  '/admin/:id/response',
  ...adminOrModerator(),
  validateRequired(['content', 'respondedBy']),
  asyncHandler(feedbackController.addResponse)
);

// POST /api/feedback/admin/:id/deliberate - Initiate deliberation (admin only)
router.post(
  '/admin/:id/deliberate',
  ...adminOnly(),
  asyncHandler(feedbackController.initiateDeliberation)
);

// POST /api/feedback/admin/deliberation/:deliberationId/vote - Submit vote
router.post(
  '/admin/deliberation/:deliberationId/vote',
  ...adminOrModerator(),
  validateRequired(['vote']),
  asyncHandler(feedbackController.submitVote)
);

// PUT /api/feedback/admin/:id - Update feedback
router.put('/admin/:id', ...adminOrModerator(), asyncHandler(feedbackController.update));

// DELETE /api/feedback/admin/:id - Delete feedback (admin only)
router.delete('/admin/:id', ...adminOnly(), asyncHandler(feedbackController.deleteFeedback));

/**
 * AI Integration Routes (internal/authenticated only)
 */

// POST /api/feedback/ai/generate-response - AI generates response with validation
// The handler is feedbackController.validateAIResponse, and the route accepts
// the 'ai_agent' role in addition to 'admin'.
// NOTE(review): aiResponse is model output arriving in the request body;
// presumably the controller treats it as untrusted content before it is stored
// or shown to anyone - confirm.
router.post(
  '/ai/generate-response',
  ...adminOrAiAgent(),
  validateRequired(['feedbackId', 'aiResponse']),
  asyncHandler(feedbackController.validateAIResponse)
);

module.exports = router;