from flask import Blueprint, request, session, redirect, flash
import json
from auth import require_level

bp = Blueprint('action_delete_account', __name__)

DATA_DIR      = '/data'
ACCOUNTS_FILE = f'{DATA_DIR}/authorized_accounts.json'


def _load_accounts():
    try:
        with open(ACCOUNTS_FILE) as f:
            return json.load(f)
    except Exception:
        return {'accounts': []}

def _save_accounts(data):
    with open(ACCOUNTS_FILE, 'w') as f:
        json.dump(data, f, indent=2)


@bp.route('/action/delete_account', methods=['POST'])
@require_level('manager')
def delete_account():
    try:
        row_index = int(request.form.get('row_index', ''))
    except (ValueError, TypeError):
        flash('Invalid request.', 'error')
        return redirect('/view/view_manage_accounts')

    data     = _load_accounts()
    accounts = data.get('accounts', [])

    if row_index < 0 or row_index >= len(accounts):
        flash('Account not found.', 'error')
        return redirect('/view/view_manage_accounts')

    target = accounts[row_index]

    if target.get('email_address', '').lower() == session.get('email_address', '').lower():
        flash('You cannot remove your own account.', 'error')
        return redirect('/view/view_manage_accounts')

    removed_email = target.get('email_address', '')
    accounts.pop(row_index)
    data['accounts'] = accounts
    _save_accounts(data)

    flash(f'Account for {removed_email} has been removed.', 'success')
    return redirect('/view/view_manage_accounts')