from fastapi import APIRouter, Depends, Form
from sqlalchemy.orm import Session
from datetime import datetime
from database import get_db
import models
from auth import require_admin

router = APIRouter(prefix="/api/settings", tags=["settings"])

@router.get("")
def get_settings(db: Session = Depends(get_db), _=Depends(require_admin)):
    settings = db.query(models.SystemSetting).all()
    return {s.key: s.value for s in settings}

@router.put("")
def update_settings(
    report_visibility_policy: str = Form(...),
    db: Session = Depends(get_db),
    _=Depends(require_admin)
):
    for key, value in [("report_visibility_policy", report_visibility_policy)]:
        s = db.query(models.SystemSetting).filter_by(key=key).first()
        if s:
            s.value = value
            s.updated_at = datetime.now()
        else:
            db.add(models.SystemSetting(key=key, value=value))
    db.commit()
    return {"ok": True}