/**
 * Research Inquiry Routes
 *
 * Endpoints for academic research collaboration inquiries.
 * One route is public (submission); every other route is registered behind
 * authenticateToken followed by requireRole.
 *
 * Middleware runs in the order it is registered, so the order of each chain
 * below is part of the access-control behaviour. Keep it when editing.
 */
const express = require('express');
const router = express.Router();

const researchController = require('../controllers/research.controller');
const { authenticateToken, requireRole } = require('../middleware/auth.middleware');
const {
  validateRequired,
  validateEmail,
  validateObjectId,
} = require('../middleware/validation.middleware');
const { asyncHandler } = require('../middleware/error.middleware');
const { createInputValidationMiddleware } = require('../middleware/input-validation.middleware');
const { formRateLimiter } = require('../middleware/rate-limit.middleware');

/**
 * Builds the auth chain for routes open to the 'admin' and 'moderator' roles.
 * Called once per route so each route gets its own requireRole(...) instance.
 *
 * @returns {Function[]} [authenticateToken, requireRole('admin', 'moderator')]
 */
function staffOnly() {
  return [authenticateToken, requireRole('admin', 'moderator')];
}

/**
 * Builds the auth chain for routes restricted to the 'admin' role.
 *
 * @returns {Function[]} [authenticateToken, requireRole('admin')]
 */
function adminOnly() {
  return [authenticateToken, requireRole('admin')];
}

/**
 * Public routes
 */

// Field rules handed to createInputValidationMiddleware for the public form.
// Each free-text field carries an explicit maxLength.
// NOTE(review): `needs` declares only type 'array'. No item count or per-item
// length is set here, so confirm the bounds applied by input-validation.middleware.
const inquirySubmissionSchema = {
  name: { required: true, type: 'name', maxLength: 100 },
  email: { required: true, type: 'email', maxLength: 254 },
  institution: { required: true, type: 'default', maxLength: 200 },
  researchQuestion: { required: true, type: 'description', maxLength: 1000 },
  methodology: { required: true, type: 'description', maxLength: 1000 },
  context: { required: false, type: 'description', maxLength: 2000 },
  needs: { required: false, type: 'array' },
  otherNeeds: { required: false, type: 'description', maxLength: 500 },
  timeline: { required: false, type: 'default', maxLength: 100 },
};

// POST /api/research-inquiry - Submit research inquiry (public, unauthenticated)
router.post(
  '/',
  // Rate limiter is registered first, ahead of any validation work.
  // The original note gives 5 requests per minute; the effective limit is
  // whatever rate-limit.middleware configures.
  formRateLimiter,
  createInputValidationMiddleware(inquirySubmissionSchema),
  validateRequired(['name', 'email', 'institution', 'researchQuestion', 'methodology']),
  validateEmail('email'),
  asyncHandler(researchController.submitInquiry),
);

/**
 * Staff routes (authenticated; role list differs per route)
 */

// GET /api/research-inquiry - List all inquiries (roles: admin, moderator)
router.get(
  '/',
  ...staffOnly(),
  asyncHandler(researchController.listInquiries),
);

// GET /api/research-inquiry/:id - Get inquiry by ID (roles: admin, moderator)
// The :id check is registered after the auth chain.
router.get(
  '/:id',
  ...staffOnly(),
  validateObjectId('id'),
  asyncHandler(researchController.getInquiry),
);

// POST /api/research-inquiry/:id/assign - Assign inquiry to user (role: admin)
// NOTE(review): no request-body validation is registered on this route.
// Confirm the controller validates the assignee it receives.
router.post(
  '/:id/assign',
  ...adminOnly(),
  validateObjectId('id'),
  asyncHandler(researchController.assignInquiry),
);

// POST /api/research-inquiry/:id/respond - Mark as responded (roles: admin, moderator)
// NOTE(review): `content` is only checked for presence here. Unlike the public
// form, no type/maxLength schema is applied at the route level.
router.post(
  '/:id/respond',
  ...staffOnly(),
  validateObjectId('id'),
  validateRequired(['content']),
  asyncHandler(researchController.respondToInquiry),
);

// DELETE /api/research-inquiry/:id - Delete inquiry (role: admin)
router.delete(
  '/:id',
  ...adminOnly(),
  validateObjectId('id'),
  asyncHandler(researchController.deleteInquiry),
);

module.exports = router;