<?php

require_once __DIR__ . '/../includes/api_bootstrap.php';
require_once __DIR__ . '/../includes/family_settings.php';

if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    sendJson(['success' => false, 'error' => 'Method not allowed'], 405);
}

$people = normalizePeopleList(readJsonFile('people.json'));
if (count($people) > 0) {
    assertHoHCanManagePeople($people);
}

$body = readJsonBody();
$merged = loadFamilySettings();

$allowedPermanence = ['permanent', 'weekly', 'biweekly', 'monthly', 'quarterly', 'yearly'];

if (isset($body['currency_symbol'])) {
    $merged['currency_symbol'] = trim((string) $body['currency_symbol']);
}
if (isset($body['currency_name'])) {
    $merged['currency_name'] = trim((string) $body['currency_name']);
}
if (isset($body['currency_permanence'])) {
    $p = (string) $body['currency_permanence'];
    if (!in_array($p, $allowedPermanence, true)) {
        sendJson(['success' => false, 'error' => 'Invalid currency_permanence'], 400);
    }
    $merged['currency_permanence'] = $p;
}
if (isset($body['timezone'])) {
    $tz = trim((string) $body['timezone']);
    if (!in_array($tz, familyHubUsTimezoneIdentifiers(), true)) {
        sendJson(['success' => false, 'error' => 'Invalid timezone'], 400);
    }
    $merged['timezone'] = $tz;
}
if (array_key_exists('calendar_two_way_google', $body)) {
    $merged['calendar_two_way_google'] = !empty($body['calendar_two_way_google']);
}
if (isset($body['calendar_bill_days'])) {
    $merged['calendar_bill_days'] = normalizeCalendarBillDaysRaw($body['calendar_bill_days']);
}
if (isset($body['week_starts_on'])) {
    $w = (int) $body['week_starts_on'];
    if ($w < 0 || $w > 6) {
        sendJson(['success' => false, 'error' => 'week_starts_on must be 0–6'], 400);
    }
    $merged['week_starts_on'] = $w;
}
if (array_key_exists('nfc_base_url', $body)) {
    $baseUrl = trim((string) $body['nfc_base_url']);
    if ($baseUrl !== '' && !preg_match('#^https?://#i', $baseUrl)) {
        sendJson(['success' => false, 'error' => 'nfc_base_url must start with http:// or https://'], 400);
    }
    $merged['nfc_base_url'] = rtrim($baseUrl, '/');
}
if (array_key_exists('nfc_show_confirmation', $body)) {
    $merged['nfc_show_confirmation'] = !empty($body['nfc_show_confirmation']);
}
if (array_key_exists('nfc_scan_cooldown_seconds', $body)) {
    $cooldown = (int) $body['nfc_scan_cooldown_seconds'];
    if ($cooldown < 0 || $cooldown > 600) {
        sendJson(['success' => false, 'error' => 'nfc_scan_cooldown_seconds must be 0-600'], 400);
    }
    $merged['nfc_scan_cooldown_seconds'] = $cooldown;
}

$merged = normalizeLoadedFamilySettings($merged);

if (!writeJsonFile('family_settings.json', $merged)) {
    sendJson(['success' => false, 'error' => 'Failed to save settings'], 500);
}

sendJson(['success' => true, 'settings' => $merged]);