import hashlib

class UserManager:
    def __init__(self, db_connection):
        self.db_connection = db_connection
        self.logged_in_user = None
        self.create_default_admin()

    def create_default_admin(self):
        cur = self.db_connection.cursor()
        cur.execute('SELECT * FROM Account WHERE userID="admin"')
        admin_account = cur.fetchone()
        if not admin_account:
            default_password = "admin"  # 默认密码是admin，实际情况下应该设置更复杂的密码
            passwordHash = hashlib.sha256(default_password.encode()).hexdigest()  # 使用SHA-256算法对密码进行哈希
            cur.execute('INSERT INTO Account(userID, passwordHash, permission) VALUES(?, ?, ?)',
                        ("admin", passwordHash, "Admin"))
            self.db_connection.commit()

    def login(self, userID, password):
        cur = self.db_connection.cursor()
        passwordHash = hashlib.sha256(password.encode()).hexdigest()
        cur.execute('SELECT * FROM Account WHERE userID=? AND passwordHash=?', (userID, passwordHash))
        user = cur.fetchone()
        if user:
            self.logged_in_user = user
            print("Login successful")
            return True
        else:
            print("Login failed")
            return False

    def logout(self):
        self.logged_in_user = None

    def add_user(self, userID, password, permission):
        if self.logged_in_user and self.logged_in_user[2] == 'Admin':
            cur = self.db_connection.cursor()
            passwordHash = hashlib.sha256(password.encode()).hexdigest()
            cur.execute('INSERT INTO Account(userID, passwordHash, permission) VALUES(?, ?, ?)', (userID, passwordHash, permission))
            self.db_connection.commit()
        else:
            print("Permission denied")

    def add_book_info(self,ISBN, author, summary, price, publicationDate, category):
        if self.logged_in_user and self.logged_in_user[2] == 'Admin':  # 检查当前登录的用户是否有Admin权限
            cur = self.db_connection.cursor()
            cur.execute('''
                INSERT INTO BookInfo(ISBN, author, summary, price, publicationDate, category) VALUES(?, ?, ?, ?, ?, ?)
            ''', (ISBN, author, summary, price, publicationDate, category))
            self.db_connection.commit()
        else:
            print("Only Admin can add books.")

    def add_book(self, bookId, ISBN, location):
        if self.logged_in_user and self.logged_in_user[2] == 'Admin':  # 检查当前登录的用户是否有Admin权限
            cur = self.db_connection.cursor()
            cur.execute('''INSERT INTO MainBook(bookID, ISBN, borrowStatus) VALUES(?, ?, 'borrowed')''', bookId, ISBN)
            cur.execute('''INSERT INTO BookLocation(bookID, location) VALUES(?, ?)''', bookId, location)
            self.db_connection.commit()
        else:
            print("Only Admin can add books.")

    def delete_book(self, bookID):
        if self.logged_in_user and self.logged_in_user[2] == 'Admin':  # 检查当前登录的用户是否有Admin权限
            cur = self.db_connection.cursor()
            cur.execute('DELETE FROM MainBook WHERE bookID=?', (bookID,))
            cur.execute('DELETE FROM BookLocation WHERE bookID=?', (bookID,))
            cur.execute('DELETE FROM BorrowRecord WHERE bookID=?', (bookID,))
            cur.execute('DELETE FROM BookInfo WHERE ISBN=(SELECT ISBN FROM MainBook WHERE bookID=?)', (bookID,))
            self.db_connection.commit()
        else:
            print("Only Admin can delete books.")

    def change_book_location(self, bookID, new_location):
        if self.logged_in_user and self.logged_in_user[2] == 'Admin':  # 检查当前登录的用户是否有Admin权限
            cur = self.db_connection.cursor()
            cur.execute('UPDATE BookLocation SET location=? WHERE bookID=?', (new_location, bookID))
            self.db_connection.commit()
        else:
            print("Only Admin can change book location.")

    def check_borrower(self, bookID):
        if self.logged_in_user and self.logged_in_user[2] == 'Admin':  # 检查当前登录的用户是否有Admin权限
            cur = self.db_connection.cursor()
            cur.execute('SELECT borrowingUser FROM BorrowRecord WHERE bookID=? AND actualReturnTime IS NULL', (bookID,))
            borrower = cur.fetchone()
            if borrower:
                print(f"The book {bookID} is currently borrowed by {borrower[0]}")
            else:
                print(f"The book {bookID} is currently not borrowed.")
        else:
            print("Only Admin can check borrower.")

    def check_borrow_record(self, bookID):
        if self.logged_in_user and self.logged_in_user[2] == 'Admin':  # 检查当前登录的用户是否有Admin权限
            cur = self.db_connection.cursor()
            cur.execute('SELECT * FROM BorrowRecord WHERE bookID=?', (bookID,))
            records = cur.fetchall()
            for record in records:
                print(record)
        else:
            print("Only Admin can check borrow record.")

    def change_user_permission(self, userID, new_permission):
        if self.logged_in_user and self.logged_in_user[2] == 'Admin':  # 检查当前登录的用户是否有Admin权限
            cur = self.db_connection.cursor()
            cur.execute('UPDATE Account SET permission=? WHERE userID=?', (new_permission, userID))
            self.db_connection.commit()
        else:
            print("Only Admin can change user permission.")

    def borrow_book(self, bookID, expectedReturnTime):
        if self.logged_in_user and self.logged_in_user[2] == 'User':  # 检查当前登录的用户是否有User权限
            cur = self.db_connection.cursor()
            # 检查该图书是否可用
            cur.execute('SELECT borrowStatus FROM MainBook WHERE bookID=?', (bookID,))
            borrowStatus = cur.fetchone()[0]
            if borrowStatus == 'available':
                # 更新图书的借阅状态
                cur.execute('UPDATE MainBook SET borrowStatus=? WHERE bookID=?', ('borrowed', bookID))
                # 添加一条新的借阅记录
                cur.execute('''
                    INSERT INTO BorrowRecord(bookID, borrowTime, expectedReturnTime, borrowingUser)
                    VALUES(?, datetime("now"), ?, ?)
                ''', (bookID, expectedReturnTime, self.logged_in_user[0]))
                self.db_connection.commit()
                print("You have successfully borrowed the book.")
            else:
                print("The book is currently not available.")
        else:
            print("Only User can borrow books.")

    def return_book(self, bookID):
        if self.logged_in_user and self.logged_in_user[2] == 'User':  # 检查当前登录的用户是否有User权限
            cur = self.db_connection.cursor()
            # 检查该用户是否真的借阅了这本图书
            cur.execute('SELECT * FROM BorrowRecord WHERE bookID=? AND borrowingUser=? AND actualReturnTime IS NULL',
                        (bookID, self.logged_in_user[0]))
            if cur.fetchone():
                # 更新图书的借阅状态
                cur.execute('UPDATE MainBook SET borrowStatus=? WHERE bookID=?', ('available', bookID))
                # 更新借阅记录中的实际归还时间
                cur.execute(
                    'UPDATE BorrowRecord SET actualReturnTime=datetime("now") WHERE bookID=? AND borrowingUser=? AND actualReturnTime IS NULL',
                    (bookID, self.logged_in_user[0]))
                self.db_connection.commit()
                print("You have successfully returned the book.")
            else:
                print("You didn't borrow this book.")
        else:
            print("Only User can return books.")

    def find_book(self, bookID):
        # 检查用户是否有权限查找书籍
        if self.logged_in_user and self.logged_in_user[2] in ['Admin', 'User']:
            # 在数据库中查找书籍
            cur = self.db_connection.cursor()
            cur.execute('''
                SELECT * FROM MainBook WHERE bookID = ?
            ''', (bookID,))
            book = cur.fetchone()
            if book is not None:
                return book
            else:
                print("Book not found.")
                return None
        else:
            print("Permission Denied: You do not have the required permissions to find books.")
            return None