from django.contrib.auth.models import BaseUserManager


class UserManager(BaseUserManager):
    """
    Custom User Manager for email-based authentication and user creation.
    Handles user creation with proper validation and role assignment.
    """
    
    def create_user(self, email, password=None, **extra_fields):
        """Create and return a regular user with an email and password."""
        if not email:
            raise ValueError("The Email field must be set")
        
        email = self.normalize_email(email)
        user = self.model(email=email, **extra_fields)
        user.set_password(password)
        user.save(using=self._db)
         
        # Assign default role if specified - import here to avoid circular import
        try:
            from apps.accounts.models import Role, UserRole
            default_role = Role.objects.filter(is_default=True, is_active=True).first()
            if default_role:
                UserRole.objects.create(user=user, role=default_role)
        except ImportError:
            pass  # Skip role assignment if models not ready
        
        return user

    def create_superuser(self, email, password=None, **extra_fields):
        """Create and return a superuser with an email and password."""
        extra_fields.setdefault("is_staff", True)
        extra_fields.setdefault("is_superuser", True)
        extra_fields.setdefault("is_active", True)

        if extra_fields.get("is_staff") is not True:
            raise ValueError("Superuser must have is_staff=True.")
        if extra_fields.get("is_superuser") is not True:
            raise ValueError("Superuser must have is_superuser=True.")

        user = self.create_user(email, password, **extra_fields)
        
        # Assign admin role to superuser - import here to avoid circular import
        try:
            from django.contrib.auth.models import Permission
            from apps.accounts.models import Role, UserRole
            
            admin_role, created = Role.objects.get_or_create(
                code="super_admin",
                defaults={
                    "name": "Super Administrator",
                    "description": "Full system access",
                    "role_type": "system",
                    "level": 1,
                    "is_active": True
                }
            )
            
            if created:
                # Assign all permissions to super admin role
                admin_role.permissions.set(Permission.objects.all())
            
            UserRole.objects.get_or_create(user=user, role=admin_role)
        except ImportError:
            pass  # Skip role assignment if models not ready
        
        return user