-- Update the user creation trigger to properly handle Keycloak user metadata
CREATE OR REPLACE FUNCTION kit.setup_new_user()
RETURNS trigger
LANGUAGE plpgsql
SECURITY DEFINER
SET search_path TO ''
AS $$
DECLARE
    user_name text;
    picture_url text;
    personal_code text;
    full_name text;
    given_name text;
    family_name text;
    preferred_username text;
BEGIN
    -- Extract data from Keycloak user metadata
    -- Check raw_user_meta_data first (this is where Keycloak data is stored)
    IF new.raw_user_meta_data IS NOT NULL THEN
        -- Try full_name first, then name field
        full_name := new.raw_user_meta_data ->> 'full_name';
        IF full_name IS NULL THEN
            full_name := new.raw_user_meta_data ->> 'name';
        END IF;
        
        -- Extract individual name components
        given_name := new.raw_user_meta_data -> 'custom_claims' ->> 'given_name';
        family_name := new.raw_user_meta_data -> 'custom_claims' ->> 'family_name';
        preferred_username := new.raw_user_meta_data -> 'custom_claims' ->> 'preferred_username';
        
        -- Use given_name (first name) for the name field
        IF given_name IS NOT NULL THEN
            user_name := given_name;
        ELSIF full_name IS NOT NULL THEN
            user_name := full_name;
        ELSIF preferred_username IS NOT NULL THEN
            user_name := preferred_username;
        END IF;
        
        -- Extract personal code from preferred_username (Keycloak provides Estonian personal codes here)
        IF preferred_username IS NOT NULL THEN
            personal_code := preferred_username;
        END IF;
        
        -- Also try personalCode field as fallback
        IF personal_code IS NULL THEN
            personal_code := new.raw_user_meta_data ->> 'personalCode';
        END IF;
    END IF;

    -- Fall back to email if no name found
    IF user_name IS NULL AND new.email IS NOT NULL THEN
        user_name := split_part(new.email, '@', 1);
    END IF;

    -- Default empty string if still no name
    IF user_name IS NULL THEN
        user_name := '';
    END IF;

    -- Extract picture URL
    IF new.raw_user_meta_data ->> 'avatar_url' IS NOT NULL THEN
        picture_url := new.raw_user_meta_data ->> 'avatar_url';
    ELSE
        picture_url := null;
    END IF;

    -- Insert into medreport.accounts
    INSERT INTO medreport.accounts (
        id,
        primary_owner_user_id,
        name,
        last_name,
        is_personal_account,
        picture_url,
        email,
        personal_code,
        application_role
    )
    VALUES (
        new.id,
        new.id,
        user_name,
        family_name,
        true,
        picture_url,
        NULL, -- Keycloak email !== customer personal email, they will set this later
        personal_code,
        'user'  -- Default role for new users
    );

    RETURN new;
END;
$$;