main.py

from flask import Flask, request, jsonify
import os
import json

import time # Not actively used
import base64 # Not actively used
import uuid
from flask_cors import CORS
from google import genai

from PIL import Image # Not actively used
import io # Not actively used
from typing import List, Dict, Any # Not actively used
import logging
import traceback
from datetime import datetime, timezone
import re

from firebase_admin import credentials, db, storage, auth, exceptions as firebase_exceptions
import firebase_admin

# --- NEW: Geolocation Libraries ---
import geohash as pgh
from haversine import haversine, Unit

app = Flask(__name__)
CORS(app)

# Configure logging
logging.basicConfig(level=logging.INFO, format='%(asctime)s - %(levelname)s - %(message)s')
logger = logging.getLogger(__name__)

# --- NEW: Geolocation Configuration ---
GEOHASH_PRECISION = 7 # A good balance. ~153m x 153m area.

# Configure GenAI (Gemini)
GOOGLE_API_KEY = os.getenv('GOOGLE_API_KEY')
gemini_client = None
if not GOOGLE_API_KEY:
    logger.warning("GOOGLE_API_KEY environment variable is not set. AI features will be disabled.")
else:
    try:
        gemini_client = genai.Client(api_key=GOOGLE_API_KEY)
        logger.info("Gemini AI Client initialized successfully using genai.Client().")
    except Exception as e:
        logger.error(f"Failed to initialize Gemini AI Client with genai.Client(): {e}")
        gemini_client = None

import resend
# NEW: Initialize the Resend client using environment variables
# This should be placed near your other initializations at the top of the file.
if 'RESEND_API_KEY' in os.environ:
    resend.api_key = os.environ["RESEND_API_KEY"]
    SENDER_EMAIL = os.environ.get("SENDER_EMAIL")
    if not SENDER_EMAIL:
        logger.warning("RESEND_API_KEY is set, but SENDER_EMAIL is not. Emails will not be sent.")
        resend.api_key = None # Disable client if sender is not configured
else:
    logger.info("RESEND_API_KEY environment variable not found. Email notifications will be disabled.")
    resend.api_key = None

#--- Firebase Initialization ---
FIREBASE_CREDENTIALS_JSON_STRING = os.getenv("FIREBASE")
FIREBASE_DB_URL = os.getenv("Firebase_DB")
FIREBASE_STORAGE_BUCKET = os.getenv("Firebase_Storage")

FIREBASE_INITIALIZED = False
bucket = None
db_app = None

try:
    if FIREBASE_CREDENTIALS_JSON_STRING and FIREBASE_DB_URL and FIREBASE_STORAGE_BUCKET:
        credentials_json = json.loads(FIREBASE_CREDENTIALS_JSON_STRING)
        cred = credentials.Certificate(credentials_json)
        if not firebase_admin._apps:
            db_app = firebase_admin.initialize_app(cred, {
                'databaseURL': FIREBASE_DB_URL,
                'storageBucket': FIREBASE_STORAGE_BUCKET
            })
        else:
            db_app = firebase_admin.get_app()

        FIREBASE_INITIALIZED = True
        bucket = storage.bucket(app=db_app)
        logger.info("Firebase Admin SDK initialized successfully.")
    else:
        logger.error("Firebase environment variables (FIREBASE, Firebase_DB, Firebase_Storage) not fully set. Firebase Admin SDK not initialized.")
except Exception as e:
    logger.error(f"CRITICAL: Error initializing Firebase: {e}")
    traceback.print_exc()

#--- END Firebase Initialization ---


# Paynow #
# --- Paynow Initialization ---
from paynow import Paynow

PAYNOW_INTEGRATION_ID = os.getenv("PAYNOW_INTEGRATION_ID")
PAYNOW_INTEGRATION_KEY = os.getenv("PAYNOW_INTEGRATION_KEY")
# IMPORTANT: This should be the publicly accessible URL of your deployed application
APP_BASE_URL = os.getenv("APP_BASE_URL", "https://tunasongaagri.co.zw") 

paynow_client = None
if PAYNOW_INTEGRATION_ID and PAYNOW_INTEGRATION_KEY:
    try:
        paynow_client = Paynow(
            PAYNOW_INTEGRATION_ID,
            PAYNOW_INTEGRATION_KEY,
            return_url=f"{APP_BASE_URL}/my-deals", # A page for the user to land on after payment
            result_url=f"{APP_BASE_URL}/api/payment/webhook/paynow" # The webhook URL for server-to-server updates
        )
        logger.info("Paynow client initialized successfully.")
    except Exception as e:
        logger.error(f"Failed to initialize Paynow client: {e}")
else:
    logger.warning("Paynow environment variables not set. Payment features will be disabled.")

#--- NEW: Geolocation Helpers ---
def _calculate_geohash(lat, lon):
    """Calculates the geohash for a given latitude and longitude."""
    return pgh.encode(lat, lon, precision=GEOHASH_PRECISION)

def _get_geohash_query_area(lat, lon):
    """Calculates the geohash for a point and its 8 neighbors."""
    center_geohash = _calculate_geohash(lat, lon)
    neighbors = pgh.neighbors(center_geohash)
    return [center_geohash] + neighbors

def _calculate_distance(point1_coords, point2_coords):
    """Calculates Haversine distance between two coordinate dictionaries."""
    point1 = (point1_coords['latitude'], point1_coords['longitude'])
    point2 = (point2_coords['latitude'], point2_coords['longitude'])
    return haversine(point1, point2, unit=Unit.KILOMETERS)

#--- Helper Functions ---
def verify_token(auth_header):
    if not FIREBASE_INITIALIZED:
        logger.error("verify_token: Firebase not initialized.")
        raise ConnectionError('Server configuration error: Firebase not ready.')
    if not auth_header or not auth_header.startswith('Bearer '):
        raise ValueError('Invalid token format')
    token = auth_header.split(' ')[1]
    try:
        decoded_token = auth.verify_id_token(token, app=db_app)
        return decoded_token['uid']
    except auth.AuthError as ae: # More specific Firebase Auth errors
        logger.error(f"Token verification failed (AuthError): {ae}")
        raise PermissionError(f"Token verification failed: {str(ae)}")
    except Exception as e: # Generic catch-all
        logger.error(f"Token verification failed (Generic Exception): {e}\n{traceback.format_exc()}")
        raise PermissionError(f"Token verification failed: {str(e)}")

def get_user_roles(uid):
    if not FIREBASE_INITIALIZED: return {}
    try:
        user_ref = db.reference(f'users/{uid}', app=db_app)
        user_data = user_ref.get()
        if user_data and isinstance(user_data.get('roles'), dict):
            return user_data.get('roles', {})
        return {}
    except Exception as e:
        logger.error(f"Error in get_user_roles for UID {uid}: {e}\n{traceback.format_exc()}")
        return {}

def verify_role(auth_header, required_role):
    uid = verify_token(auth_header) # Can raise PermissionError, ValueError, ConnectionError
    user_roles = get_user_roles(uid)
    if not user_roles.get(required_role, False):
        raise PermissionError(f'{required_role} access required')
    return uid

def verify_admin_or_facilitator(auth_header):
    uid = verify_token(auth_header) # Can raise
    if not FIREBASE_INITIALIZED: raise ConnectionError('Server configuration error: Firebase not ready.')
    try:
        user_ref = db.reference(f'users/{uid}', app=db_app)
        user_data = user_ref.get()
        if not user_data: raise PermissionError('User profile not found.')
        if not user_data.get('is_admin', False) and not user_data.get('is_facilitator', False):
            raise PermissionError('Admin or Facilitator access required')
        return uid, user_data.get('is_admin', False), user_data.get('is_facilitator', False)
    except firebase_exceptions.FirebaseError as fe:
        logger.error(f"Firebase error in verify_admin_or_facilitator for UID {uid}: {fe}\n{traceback.format_exc()}")
        raise ConnectionError(f"Database access error during admin/facilitator check: {fe}")
    # PermissionError from verify_token will be caught by the route handler

def verify_admin(auth_header):
    uid = verify_token(auth_header) # Can raise
    if not FIREBASE_INITIALIZED: raise ConnectionError('Server configuration error: Firebase not ready.')
    try:
        user_ref = db.reference(f'users/{uid}', app=db_app)
        user_data = user_ref.get()
        if not user_data:
            logger.warning(f"User {uid} (from token) not found in Realtime DB. Cannot verify admin status.")
            raise PermissionError('User profile not found in database. Admin access denied.')
        if not user_data.get('is_admin', False):
            raise PermissionError('Admin access required')
        return uid
    except firebase_exceptions.FirebaseError as fe:
        logger.error(f"Firebase error in verify_admin for UID {uid}: {fe}\n{traceback.format_exc()}")
        raise ConnectionError(f"Database access error during admin check: {fe}")
    # PermissionError from verify_token will be caught by the route handler

def ensure_user_profile_exists(uid, email=None, name=None, phone_number=None):
    if not FIREBASE_INITIALIZED:
        logger.error(f"ensure_user_profile_exists: Firebase not initialized. Cannot ensure profile for UID: {uid}")
        return None # Or raise ConnectionError
    try:
        user_ref = db.reference(f'users/{uid}', app=db_app)
        user_data = user_ref.get()
        if not user_data:
            logger.info(f"Creating missing Tunasonga profile for UID: {uid}")
            if not email:
                try:
                    user_record = auth.get_user(uid, app=db_app)
                    email = user_record.email
                except Exception as e_auth_get:
                    logger.error(f"Failed to get email for UID {uid} from Firebase Auth: {e_auth_get}")
            new_profile = {
                'email': email, 'name': name or "", 'phone_number': phone_number or "",
                'location': "", # Legacy text field
                'location_coords': None, # NEW: Geo object
                'geohash': None, # NEW: Geohash for indexing
                'roles': {'farmer': False, 'buyer': False, 'transporter': False},
                'role_applications': {}, 'document_references': {},
                'is_admin': False, 'is_facilitator': False,
                'created_at': datetime.now(timezone.utc).isoformat(), 'suspended': False,
                'account_type': 'webapp_registered' # Default for web app signups
            }
            user_ref.set(new_profile)
            verification = user_ref.get()
            if verification and verification.get('email') == email:
                logger.info(f"Successfully created Tunasonga profile for UID: {uid}")
                return verification
            else:
                logger.error(f"Profile creation verification failed for UID: {uid} after set.")
                return None
        return user_data
    except firebase_exceptions.FirebaseError as fe:
        logger.error(f"Firebase error in ensure_user_profile_exists for UID {uid}: {fe}\n{traceback.format_exc()}")
        return None # Or raise
    except Exception as e:
        logger.error(f"Error ensuring Tunasonga profile exists for UID {uid}: {e}\n{traceback.format_exc()}")
        return None # Or raise

#--- Universal Route Error Handler for Auth/Verification & Firebase ---
def handle_route_errors(e, uid_context="unknown"): # Added uid_context for better logging
    if isinstance(e, PermissionError):
        return jsonify({'error': str(e), 'type': 'PermissionError'}), 403
    elif isinstance(e, ValueError): # e.g. invalid token format, or bad input to int()/float()
        return jsonify({'error': str(e), 'type': 'ValueError'}), 400
    elif isinstance(e, ConnectionError): # Firebase not ready or DB access issue from helpers
        return jsonify({'error': str(e), 'type': 'ConnectionError'}), 503
    elif isinstance(e, firebase_exceptions.FirebaseError): # Catch specific Firebase SDK errors
        logger.error(f"Firebase SDK Error in route (UID context: {uid_context}): {e}\n{traceback.format_exc()}")
        return jsonify({'error': f'A Firebase error occurred: {str(e)}', 'type': 'FirebaseSDKError'}), 500
    else: # Generic catch-all for other unexpected errors
        logger.error(f"Unexpected Error in route (UID context: {uid_context}): {e}\n{traceback.format_exc()}")
        return jsonify({'error': f'An unexpected error occurred: {str(e)}', 'type': 'GenericError'}), 500

#--- system notifications ---

def _send_system_notification(user_id, message_content, notif_type, link=None, send_email=False, email_subject=None, email_body=None):
    if not FIREBASE_INITIALIZED:
        logger.error("_send_system_notification: Firebase not ready.")
        return False
    if not user_id or not message_content:
        logger.warning(f"_send_system_notification: Called with missing user_id or message_content.")
        return False

    # --- Primary Channel: Firebase In-App Notification ---
    firebase_success = False
    notif_id = str(uuid.uuid4())
    notif_data = {
        "message": message_content,
        "type": notif_type,
        "link": link,
        "created_at": datetime.now(timezone.utc).isoformat(),
        "read": False
    }
    try:
        db.reference(f'notifications/{user_id}/{notif_id}', app=db_app).set(notif_data)
        logger.info(f"Firebase notification sent to {user_id}: {message_content[:50]}...")
        firebase_success = True
    except firebase_exceptions.FirebaseError as fe:
        logger.error(f"Failed to send Firebase notification to {user_id} due to Firebase error: {fe}")
    except Exception as e:
        logger.error(f"Failed to send Firebase notification to {user_id} due to generic error: {e}")

    # --- Secondary Channel: Email via Resend ---
    if send_email:
        if not resend.api_key or not SENDER_EMAIL:
            logger.warning(f"Skipping email for user {user_id} because Resend is not configured.")
            return firebase_success # Return status of primary channel

        try:
            user_profile = db.reference(f'users/{user_id}', app=db_app).get()
            if not user_profile or not user_profile.get('email'):
                logger.warning(f"Cannot send email to user {user_id}: no profile or email address found.")
                return firebase_success

            recipient_email = user_profile['email']
            # Basic email validation
            if '@' not in recipient_email or '.' not in recipient_email.split('@')[1]:
                 logger.warning(f"Cannot send email to user {user_id}: invalid email format ('{recipient_email}').")
                 return firebase_success

            # Use message_content as fallback for email body if not provided
            html_content = email_body if email_body else f"<p>{message_content}</p>"
            
            params = {
                "from": SENDER_EMAIL,
                "to": [recipient_email],
                "subject": email_subject or "New Notification from Tunasonga Agri",
                "html": html_content,
            }
            email_response = resend.Emails.send(params)
            logger.info(f"Email dispatched to {recipient_email} via Resend. ID: {email_response['id']}")

        except firebase_exceptions.FirebaseError as fe_db:
            logger.error(f"Email dispatch failed for {user_id}: Could not fetch user profile from Firebase. Error: {fe_db}")
        except Exception as e_resend:
            # This catches errors from the resend.Emails.send() call
            logger.error(f"Email dispatch failed for {user_id} ({recipient_email}). Resend API Error: {e_resend}")

    return firebase_success

#--- Authentication Endpoints ---
@app.route('/api/auth/signup', methods=['POST'])
def signup():
    if not FIREBASE_INITIALIZED: return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503
    uid = None # For error context
    data_req = {} # For error context
    try:
        data_req = request.get_json()
        email, password, name = data_req.get('email'), data_req.get('password'), data_req.get('name')
        phone_number = data_req.get('phone_number')
        if not email or not password or not name: return jsonify({'error': 'Email, password, and name are required'}), 400
        user_record = auth.create_user(email=email, password=password, display_name=name, app=db_app)
        uid = user_record.uid
        user_data = ensure_user_profile_exists(uid, email, name, phone_number)
        if not user_data:
            try: auth.delete_user(uid, app=db_app)
            except Exception as e_del: logger.error(f"Failed to rollback auth user {uid} after DB profile error: {e_del}")
            return jsonify({'error': 'Failed to create user profile in database.'}), 500
        return jsonify({'success': True, 'user': {'uid': uid, **user_data}}), 201
    except auth.EmailAlreadyExistsError: return jsonify({'error': 'Email already exists.'}), 409
    except Exception as e: return handle_route_errors(e, uid_context=f"signup attempt for {data_req.get('email', 'N/A')}")

@app.route('/api/auth/google-signin', methods=['POST'])
def google_signin():
    if not FIREBASE_INITIALIZED: return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503
    uid = None # For error context
    try:
        auth_header = request.headers.get('Authorization', '')
        if not auth_header.startswith('Bearer '): return jsonify({'error': 'Missing or invalid token format for Google Sign-In'}), 401
        id_token = auth_header.split(' ')[1]
        decoded_token = auth.verify_id_token(id_token, app=db_app)
        uid, email, name = decoded_token['uid'], decoded_token.get('email'), decoded_token.get('name')
        user_data = ensure_user_profile_exists(uid, email, name)
        if not user_data: return jsonify({'error': 'Failed to create or retrieve user profile in database.'}), 500
        return jsonify({'success': True, 'user': {'uid': uid, **user_data}}), 200
    except auth.InvalidIdTokenError: return jsonify({'error': 'Invalid ID token from Google.'}), 401
    except Exception as e: return handle_route_errors(e, uid_context=uid)

#--- User Profile Endpoint ---
@app.route('/api/user/profile', methods=['GET', 'PUT'])
def user_profile():
    auth_header = request.headers.get('Authorization')
    uid = None
    try:
        if not FIREBASE_INITIALIZED: return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503
        uid = verify_token(auth_header)
        user_ref = db.reference(f'users/{uid}', app=db_app)
        if request.method == 'GET':
            user_data = user_ref.get()
            if not user_data: return jsonify({'error': 'User profile not found in database.'}), 404
            return jsonify({'uid': uid, **user_data}), 200
        if request.method == 'PUT':
            data = request.get_json()
            update_data = {}
            if 'name' in data: update_data['name'] = data['name']
            if 'location' in data: update_data['location'] = data['location'] # Keep updating legacy text field
            if 'phone_number' in data: update_data['phone_number'] = data['phone_number']

            # --- MODIFIED: Handle new location_coords object ---
            if 'location_coords' in data and isinstance(data['location_coords'], dict):
                lat = data['location_coords'].get('latitude')
                lon = data['location_coords'].get('longitude')
                if isinstance(lat, (int, float)) and isinstance(lon, (int, float)):
                    # Validate coordinate ranges
                    if -90 <= lat <= 90 and -180 <= lon <= 180:
                        update_data['location_coords'] = {'latitude': lat, 'longitude': lon}
                        update_data['geohash'] = _calculate_geohash(lat, lon)
                    else:
                        return jsonify({'error': 'Invalid latitude or longitude values.'}), 400
                else:
                    return jsonify({'error': 'location_coords must contain valid latitude and longitude numbers.'}), 400

            if not update_data: return jsonify({'error': 'No updateable fields provided'}), 400
            user_ref.update(update_data)
            updated_profile = user_ref.get()
            return jsonify({'success': True, 'user': {'uid': uid, **updated_profile}}), 200
    except Exception as e: return handle_route_errors(e, uid_context=uid)

#--- Role Management Endpoints ---
@app.route('/api/user/roles/apply', methods=['POST'])
def apply_for_role():
    auth_header = request.headers.get('Authorization')
    uid = None
    try:
        if not FIREBASE_INITIALIZED or not bucket: return jsonify({'error': 'Server configuration error (Firebase/Storage).'}), 503
        uid = verify_token(auth_header)
        role_applied_for = request.form.get('role')
        if not role_applied_for in ['farmer', 'buyer', 'transporter']: return jsonify({'error': 'Invalid role specified'}), 400
        user_data = db.reference(f'users/{uid}', app=db_app).get()
        if not user_data: return jsonify({'error': 'User profile not found to apply for role.'}), 404
        if user_data.get('roles', {}).get(role_applied_for, False): return jsonify({'error': f'You already have the {role_applied_for} role.'}), 400
        if user_data.get('role_applications', {}).get(role_applied_for) == 'pending': return jsonify({'error': f'Your application for {role_applied_for} is already pending.'}), 400
        application_id = str(uuid.uuid4())
        application_data = {'user_id': uid, 'role': role_applied_for, 'status': 'pending', 'submitted_at': datetime.now(timezone.utc).isoformat(), 'documents': []}
        uploaded_doc_references = {}
        for doc_type_key in request.files:
            file = request.files[doc_type_key]
            if file and file.filename:
                safe_filename = os.path.basename(file.filename)
                filename_in_storage = f"user_documents/{uid}/{role_applied_for}{doc_type_key}{str(uuid.uuid4())}_{safe_filename}"
                blob = bucket.blob(filename_in_storage)
                blob.upload_from_file(file.stream)
                blob.make_public()
                doc_type_clean = doc_type_key.replace('_upload', '')
                application_data['documents'].append({'type': doc_type_clean, 'path': blob.public_url, 'filename': safe_filename})
                uploaded_doc_references[doc_type_clean] = blob.public_url
        db.reference(f'role_applications/{application_id}', app=db_app).set(application_data)
        user_ref = db.reference(f'users/{uid}', app=db_app)
        user_ref.child('role_applications').child(role_applied_for).set('pending')
        if uploaded_doc_references: user_ref.child('document_references').update(uploaded_doc_references)
        return jsonify({'success': True, 'message': f'Application for {role_applied_for} submitted.', 'application_id': application_id}), 201
    except Exception as e: return handle_route_errors(e, uid_context=uid)

#--- Admin Endpoints ---
@app.route('/api/admin/dashboard-stats', methods=['GET'])
def admin_dashboard_stats():
    auth_header = request.headers.get('Authorization')
    admin_uid = None
    try:
        admin_uid = verify_admin(auth_header)
        if not FIREBASE_INITIALIZED: return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503
        stats = {
            'total_users': 0, 'users_by_role': {'farmer': 0, 'buyer': 0, 'transporter': 0},
            'pending_role_applications': 0, 'active_listings_produce': 0, 'active_listings_demand': 0,
            'pending_listings': 0, 'active_deals': 0, 'pending_deals_admin_approval': 0,
            'admin_profile': db.reference(f'users/{admin_uid}', app=db_app).get()
        }
        all_users = db.reference('users', app=db_app).get() or {}
        stats['total_users'] = len(all_users)
        for uid_loop, u_data in all_users.items():
            if u_data and u_data.get('roles', {}).get('farmer'): stats['users_by_role']['farmer'] += 1
            if u_data and u_data.get('roles', {}).get('buyer'): stats['users_by_role']['buyer'] += 1
            if u_data and u_data.get('roles', {}).get('transporter'): stats['users_by_role']['transporter'] += 1
        pending_roles_apps = db.reference('role_applications', app=db_app).order_by_child('status').equal_to('pending').get() or {}
        stats['pending_role_applications'] = len(pending_roles_apps)
        all_listings = db.reference('listings', app=db_app).get() or {}
        for lid, ldata in all_listings.items():
            if ldata and ldata.get('status') == 'active':
                if ldata.get('listing_type') == 'produce': stats['active_listings_produce'] += 1
                elif ldata.get('listing_type') == 'demand': stats['active_listings_demand'] += 1
            elif ldata and ldata.get('status') == 'pending_approval': stats['pending_listings'] += 1
        all_deals = db.reference('deals', app=db_app).get() or {}
        for did, ddata in all_deals.items():
            if ddata and ddata.get('status') == 'active': stats['active_deals'] += 1
            elif ddata and ddata.get('status') == 'accepted_by_farmer': stats['pending_deals_admin_approval'] += 1
        return jsonify(stats), 200
    except Exception as e: return handle_route_errors(e, uid_context=admin_uid)

@app.route('/api/admin/users', methods=['GET'])
def admin_list_users():
    auth_header = request.headers.get('Authorization')
    admin_uid = None
    try:
        admin_uid = verify_admin(auth_header)
        if not FIREBASE_INITIALIZED: return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503
        all_users = db.reference('users', app=db_app).get() or {}
        return jsonify(all_users), 200
    except Exception as e: return handle_route_errors(e, uid_context=admin_uid)

@app.route('/api/admin/users/<target_uid>', methods=['GET'])
def admin_get_user(target_uid):
    auth_header = request.headers.get('Authorization')
    admin_uid = None
    try:
        admin_uid = verify_admin(auth_header)
        if not FIREBASE_INITIALIZED: return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503
        user_data = db.reference(f'users/{target_uid}', app=db_app).get()
        if not user_data: return jsonify({'error': 'User not found'}), 404
        return jsonify(user_data), 200
    except Exception as e: return handle_route_errors(e, uid_context=admin_uid)

@app.route('/api/admin/users/<target_uid>/update', methods=['POST'])
def admin_update_user(target_uid):
    auth_header = request.headers.get('Authorization')
    admin_uid = None
    try:
        admin_uid = verify_admin(auth_header)
        if not FIREBASE_INITIALIZED: return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503
        data = request.get_json()
        update_payload = {}
        if 'suspended' in data and isinstance(data['suspended'], bool): update_payload['suspended'] = data['suspended']
        if 'is_admin' in data and isinstance(data['is_admin'], bool):
            if target_uid == admin_uid and not data['is_admin']: return jsonify({'error': "Admin cannot remove own admin status."}), 400
            update_payload['is_admin'] = data['is_admin']
        if 'is_facilitator' in data and isinstance(data['is_facilitator'], bool): update_payload['is_facilitator'] = data['is_facilitator']
        if 'roles' in data and isinstance(data['roles'], dict):
            valid_roles = {r: v for r, v in data['roles'].items() if r in ['farmer', 'buyer', 'transporter'] and isinstance(v, bool)}
            if valid_roles: update_payload['roles'] = valid_roles
        if not update_payload: return jsonify({'error': 'No valid fields to update provided'}), 400
        db.reference(f'users/{target_uid}', app=db_app).update(update_payload)
        updated_user = db.reference(f'users/{target_uid}', app=db_app).get()
        return jsonify({'success': True, 'message': f'User {target_uid} updated.', 'user': updated_user}), 200
    except Exception as e: return handle_route_errors(e, uid_context=admin_uid)

@app.route('/api/admin/facilitators', methods=['GET'])
def admin_list_facilitators():
    auth_header = request.headers.get('Authorization')
    admin_uid = None
    try:
        admin_uid = verify_admin(auth_header)
        if not FIREBASE_INITIALIZED: return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503
        all_users = db.reference('users', app=db_app).order_by_child('is_facilitator').equal_to(True).get() or {}
        return jsonify(all_users), 200
    except Exception as e: return handle_route_errors(e, uid_context=admin_uid)

@app.route('/api/admin/users/create', methods=['POST'])
def admin_create_user():
    auth_header = request.headers.get('Authorization')
    admin_uid = None
    uid_new_user = None
    try:
        admin_uid = verify_admin(auth_header)
        if not FIREBASE_INITIALIZED: return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503
        data = request.get_json()
        email, password, name = data.get('email'), data.get('password'), data.get('name')
        phone_number, is_facilitator_val = data.get('phone_number'), data.get('is_facilitator', False)
        if not email or not password or not name: return jsonify({'error': 'Email, password, and name are required'}), 400
        user_record = auth.create_user(email=email, password=password, display_name=name, app=db_app)
        uid_new_user = user_record.uid
        user_data = ensure_user_profile_exists(uid_new_user, email, name, phone_number)
        if not user_data:
            try: auth.delete_user(uid_new_user, app=db_app)
            except Exception as e_del: logger.error(f"Rollback auth user failed: {e_del}")
            return jsonify({'error': 'Failed to create DB profile.'}), 500
        if is_facilitator_val:
            db.reference(f'users/{uid_new_user}', app=db_app).update({'is_facilitator': True})
            user_data['is_facilitator'] = True
        return jsonify({'success': True, 'message': 'User created by admin.', 'user': {'uid': uid_new_user, **user_data}}), 201
    except auth.EmailAlreadyExistsError: return jsonify({'error': 'Email already exists.'}), 409
    except Exception as e: return handle_route_errors(e, uid_context=admin_uid or uid_new_user)

@app.route('/api/admin/roles/pending', methods=['GET'])
def admin_get_pending_roles():
    auth_header = request.headers.get('Authorization')
    admin_uid = None
    try:
        admin_uid = verify_admin(auth_header)
        if not FIREBASE_INITIALIZED: return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503
        apps_ref = db.reference('role_applications', app=db_app).order_by_child('status').equal_to('pending')
        pending_apps = apps_ref.get()
        return jsonify(pending_apps or {}), 200
    except Exception as e: return handle_route_errors(e, uid_context=admin_uid)

@app.route('/api/admin/roles/<application_id>/<action>', methods=['POST'])
def admin_action_on_role(application_id, action):
    auth_header = request.headers.get('Authorization')
    admin_uid = None
    try:
        admin_uid = verify_admin(auth_header)
        if not FIREBASE_INITIALIZED: 
            return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503
        
        if action not in ['approve', 'reject']: 
            return jsonify({'error': 'Invalid action.'}), 400
        
        app_ref = db.reference(f'role_applications/{application_id}', app=db_app)
        application = app_ref.get()
        
        if not application or application.get('status') != 'pending': 
            return jsonify({'error': 'App not found or not pending.'}), 404
        
        user_id = application['user_id']
        role = application['role']
        user_profile_ref = db.reference(f'users/{user_id}', app=db_app)
        update_time = datetime.now(timezone.utc).isoformat()
        message_text = ""
        
        if action == 'approve':
            app_ref.update({'status': 'approved', 'reviewed_by': admin_uid, 'reviewed_at': update_time})
            user_profile_ref.child('roles').update({role: True})
            user_profile_ref.child('role_applications').update({role: 'approved'})
            message_text = f"Role {role} for user {user_id} approved."
            action_past_tense = "approved"
        else:  # reject
            app_ref.update({'status': 'rejected', 'reviewed_by': admin_uid, 'reviewed_at': update_time})
            user_profile_ref.child('role_applications').update({role: 'rejected'})
            message_text = f"Role {role} for user {user_id} rejected."
            action_past_tense = "rejected"

        # --- MODIFIED: Send a rich HTML email for this critical event ---
        email_subject = f"Your Tunasonga Agri Application for the '{role.capitalize()}' Role"
        email_body = f"""
        <div style="font-family: sans-serif; padding: 20px; border: 1px solid #e0e0e0; border-radius: 8px;">
            <h2 style="color: #333;">Application Status Update</h2>
            <p>Hello,</p>
            <p>This is an update regarding your application for the <strong>{role.capitalize()}</strong> role on the Tunasonga platform.</p>
            <p>Your application has been <strong>{action_past_tense}</strong> by an administrator.</p>
            <a href="https://tunasongaagri.co.zw/profile" style="display: inline-block; padding: 10px 15px; background-color: #28a745; color: #ffffff; text-decoration: none; border-radius: 5px; margin-top: 15px;">
                View My Profile
            </a>
            <p style="margin-top: 20px; font-size: 0.9em; color: #777;">
                If you have any questions, please contact our support team.
            </p>
            <p style="margin-top: 5px; font-size: 0.9em; color: #777;">
                Thank you,<br>The Tunasonga Agri Team
            </p>
        </div>
        """
        
        _send_system_notification(
            user_id=user_id, 
            message_content=f"Your application for the '{role}' role has been {action_past_tense}.", 
            notif_type="role_status", 
            link="/profile/roles",
            send_email=True,
            email_subject=email_subject,
            email_body=email_body
        )
        
        return jsonify({'success': True, 'message': message_text}), 200
        
    except Exception as e: 
        return handle_route_errors(e, uid_context=admin_uid)

#--- Marketplace Endpoints ---
# --- MODIFIED: Listing creation now requires coordinates ---
def _create_listing(uid_lister, listing_type, data):
    if not FIREBASE_INITIALIZED: raise ConnectionError("Firebase not ready for listing creation.")
    
    # NEW: location_coords is now a required field, 'location' (text) is optional.
    required_fields = ['crop_type', 'quantity', 'location_coords']
    if listing_type == "produce": required_fields.extend(['asking_price', 'harvest_date'])
    else: required_fields.extend(['quality_specs', 'price_range'])
    if not all(field in data for field in required_fields): raise ValueError(f'Missing fields for {listing_type} listing. Required: {required_fields}')

    # Validate and process coordinates
    location_coords = data.get('location_coords')
    if not isinstance(location_coords, dict) or 'latitude' not in location_coords or 'longitude' not in location_coords:
        raise ValueError('Invalid location_coords object. Must contain latitude and longitude.')
    
    lat = location_coords['latitude']
    lon = location_coords['longitude']
    if not (isinstance(lat, (int, float)) and isinstance(lon, (int, float)) and -90 <= lat <= 90 and -180 <= lon <= 180):
        raise ValueError('Invalid latitude or longitude values in location_coords.')

    listing_id = str(uuid.uuid4())
    listing_data = {
        'lister_id': uid_lister,
        'listing_type': listing_type,
        'status': 'pending_approval',
        'created_at': datetime.now(timezone.utc).isoformat(),
        'geohash': _calculate_geohash(lat, lon), # NEW: Store geohash
        **data
    }
    db.reference(f'listings/{listing_id}', app=db_app).set(listing_data)
    return listing_id, listing_data

@app.route('/api/listings/produce', methods=['POST'])
def create_produce_listing():
    auth_header = request.headers.get('Authorization')
    uid = None
    try:
        uid = verify_role(auth_header, 'farmer')
        listing_id, listing_data = _create_listing(uid, "produce", request.get_json())
        return jsonify({'success': True, 'message': 'Produce listing created, pending approval.', 'listing_id': listing_id}), 201
    except Exception as e: return handle_route_errors(e, uid_context=uid)

@app.route('/api/listings/demand', methods=['POST'])
def create_demand_listing():
    auth_header = request.headers.get('Authorization')
    uid = None
    try:
        uid = verify_role(auth_header, 'buyer')
        listing_id, listing_data = _create_listing(uid, "demand", request.get_json())
        return jsonify({'success': True, 'message': 'Demand listing created, pending approval.', 'listing_id': listing_id}), 201
    except Exception as e: return handle_route_errors(e, uid_context=uid)

@app.route('/api/listings/my', methods=['GET'])
def get_my_listings():
    auth_header = request.headers.get('Authorization')
    uid = None
    try:
        uid = verify_token(auth_header)
        if not FIREBASE_INITIALIZED: 
            return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503

        # Get all listings from Firebase
        listings_ref = db.reference('listings', app=db_app)
        all_listings = listings_ref.get()

        if not all_listings or not isinstance(all_listings, dict):
            return jsonify({'success': True, 'listings': []}), 200

        # Filter listings by the authenticated user's UID
        user_listings = []
        for listing_id, listing_data in all_listings.items():
            if isinstance(listing_data, dict) and listing_data.get('lister_id') == uid:
                # Add the listing_id to the listing data for frontend convenience
                listing_data['id'] = listing_id
                user_listings.append(listing_data)

        # Sort by creation date (most recent first) if available
        user_listings.sort(key=lambda x: x.get('created_at', ''), reverse=True)

        return jsonify({
            'success': True, 
            'listings': user_listings,
            'count': len(user_listings)
        }), 200

    except Exception as e:
        return handle_route_errors(e, uid_context=uid)

# MODIFIED: User Update/Remove Own Listing to handle coordinates
@app.route('/api/listings/<listing_id>', methods=['PUT', 'DELETE'])
def user_manage_listing(listing_id):
    auth_header = request.headers.get('Authorization')
    uid = None
    try:
        uid = verify_token(auth_header)
        if not FIREBASE_INITIALIZED: return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503

        listing_ref = db.reference(f'listings/{listing_id}', app=db_app)
        listing_data = listing_ref.get()

        if not listing_data or not isinstance(listing_data, dict):
            return jsonify({'error': 'Listing not found.'}), 404

        if listing_data.get('lister_id') != uid:
            return jsonify({'error': 'Not authorized to manage this listing.'}), 403

        if request.method == 'PUT':
            data = request.get_json()
            update_payload = {}
            requires_reapproval = False

            # Fields that, if changed, require re-approval
            # MODIFIED: 'location_coords' is now a critical field.
            critical_fields = ['crop_type', 'quantity', 'location_coords', 'asking_price', 'harvest_date', 'quality_specs', 'price_range']

            for field in critical_fields:
                if field in data and data[field] != listing_data.get(field):
                    update_payload[field] = data[field]
                    requires_reapproval = True

            # --- MODIFIED: Handle location_coords update and geohash recalculation ---
            if 'location_coords' in update_payload:
                coords = update_payload['location_coords']
                if isinstance(coords, dict) and 'latitude' in coords and 'longitude' in coords:
                    lat, lon = coords['latitude'], coords['longitude']
                    if isinstance(lat, (int, float)) and isinstance(lon, (int, float)):
                        update_payload['geohash'] = _calculate_geohash(lat, lon)
                    else:
                        return jsonify({'error': 'Invalid latitude/longitude in location_coords.'}), 400
                else:
                    return jsonify({'error': 'Invalid location_coords object.'}), 400

            # Allow user to change status to inactive/closed without re-approval
            if 'status' in data and data['status'] in ['inactive', 'closed']:
                update_payload['status'] = data['status']
            elif 'status' in data and data['status'] not in ['inactive', 'closed'] and data['status'] != listing_data.get('status'):
                # If user tries to set to active or pending, force pending_approval if critical fields changed
                if requires_reapproval:
                    update_payload['status'] = 'pending_approval'
                else: # If no critical fields changed, allow status update if valid
                    update_payload['status'] = data['status'] # e.g., from inactive back to active if no critical changes

            if requires_reapproval and update_payload.get('status') != 'pending_approval':
                update_payload['status'] = 'pending_approval' # Ensure pending approval if critical fields changed

            if not update_payload:
                return jsonify({'error': 'No valid fields to update provided or no changes detected.'}), 400

            update_payload['last_updated_at'] = datetime.now(timezone.utc).isoformat()
            listing_ref.update(update_payload)

            message = 'Listing updated successfully.'
            if requires_reapproval:
                message += ' Listing status set to pending_approval due to significant changes.'
                _send_system_notification(uid, f"Your listing for '{listing_data.get('crop_type')}' has been updated and is now pending admin approval.", "listing_status", f"/listings/{listing_id}")
            else:
                _send_system_notification(uid, f"Your listing for '{listing_data.get('crop_type')}' has been updated.", "listing_status", f"/listings/{listing_id}")

            updated_listing = listing_ref.get()
            return jsonify({'success': True, 'message': message, 'listing': updated_listing}), 200

        elif request.method == 'DELETE':
            listing_ref.delete()
            _send_system_notification(uid, f"Your {listing_data.get('listing_type')} listing for '{listing_data.get('crop_type')}' has been removed.", "listing_removed", f"/my-listings")
            return jsonify({'success': True, 'message': 'Listing removed successfully.'}), 200

    except Exception as e:
        return handle_route_errors(e, uid_context=uid)


@app.route('/api/market/<listing_type>', methods=['GET'])
def get_active_listings(listing_type):
    uid_context = "public_market_listings"
    try:
        if not FIREBASE_INITIALIZED: return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503
        if listing_type not in ["produce", "demand"]: return jsonify({'error': 'Invalid listing type'}), 400
        listings_ref = db.reference('listings', app=db_app).order_by_child('status').equal_to('active')
        all_active = listings_ref.get() or {}
        type_filtered = {lid: ldata for lid, ldata in all_active.items() if ldata and ldata.get('listing_type') == listing_type}
        
        # NOTE: The text-based location filter below will only work for legacy data that has the 'location' text field.
        # A proper distance-based filter for all listings would require a more complex implementation.
        crop_filter, loc_filter = request.args.get('crop_type'), request.args.get('location')
        
        final_listings = []
        for lid, ldata in type_filtered.items():
            match = True
            if crop_filter and ldata.get('crop_type', '').lower() != crop_filter.lower(): match = False
            if loc_filter and ldata.get('location', '').lower() != loc_filter.lower(): match = False
            if match: final_listings.append({'id': lid, **ldata})
        return jsonify(final_listings), 200
    except Exception as e: return handle_route_errors(e, uid_context=uid_context)

@app.route('/api/admin/listings/pending', methods=['GET'])
def admin_get_pending_listings():
    auth_header = request.headers.get('Authorization')
    admin_uid = None
    try:
        admin_uid, _, _ = verify_admin_or_facilitator(auth_header)
        if not FIREBASE_INITIALIZED: return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503
        listings_ref = db.reference('listings', app=db_app).order_by_child('status').equal_to('pending_approval')
        return jsonify(listings_ref.get() or {}), 200
    except Exception as e: return handle_route_errors(e, uid_context=admin_uid)

@app.route('/api/admin/listings/action/<listing_id>', methods=['POST'])
def admin_action_on_listing(listing_id):
    auth_header = request.headers.get('Authorization')
    reviewer_uid = None
    try:
        reviewer_uid, _, _ = verify_admin_or_facilitator(auth_header)
        if not FIREBASE_INITIALIZED: return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503
        data = request.get_json(); action = data.get('action')
        if action not in ['approve', 'reject']: return jsonify({'error': 'Invalid action.'}), 400
        listing_ref = db.reference(f'listings/{listing_id}', app=db_app); listing = listing_ref.get()
        if not listing or listing.get('status') != 'pending_approval': return jsonify({'error': 'Listing not found or not pending.'}), 404
        new_status = 'active' if action == 'approve' else 'rejected'
        listing_ref.update({'status': new_status, 'reviewed_by': reviewer_uid, 'reviewed_at': datetime.now(timezone.utc).isoformat()})
        _send_system_notification(listing.get('lister_id'), f"Your {listing.get('listing_type')} listing for '{listing.get('crop_type')}' has been {new_status}d.", "listing_status", f"/listings/{listing_id}")
        return jsonify({'success': True, 'message': f"Listing {listing_id} {new_status}."}), 200
    except Exception as e: return handle_route_errors(e, uid_context=reviewer_uid)

# NEW: Admin Remove Any Listing
@app.route('/api/admin/listings/<listing_id>/remove', methods=['DELETE'])
def admin_remove_listing(listing_id):
    auth_header = request.headers.get('Authorization')
    admin_uid = None
    try:
        admin_uid, _, _ = verify_admin_or_facilitator(auth_header)
        if not FIREBASE_INITIALIZED: return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503

        listing_ref = db.reference(f'listings/{listing_id}', app=db_app)
        listing_data = listing_ref.get()

        if not listing_data or not isinstance(listing_data, dict):
            return jsonify({'error': 'Listing not found.'}), 404

        lister_id = listing_data.get('lister_id')
        listing_type = listing_data.get('listing_type', 'item')
        crop_type = listing_data.get('crop_type', 'N/A')

        listing_ref.delete()

        if lister_id:
            _send_system_notification(lister_id, f"Your {listing_type} listing for '{crop_type}' (ID: {listing_id}) has been removed by an administrator.", "listing_removed_by_admin", f"/my-listings")

        return jsonify({'success': True, 'message': f'Listing {listing_id} removed by admin/facilitator.'}), 200

    except Exception as e:
        return handle_route_errors(e, uid_context=admin_uid)


#--- Deal Management (MODIFIED SECTION) ---
@app.route('/api/deals/propose', methods=['POST'])
def propose_deal():
    auth_header = request.headers.get('Authorization')
    requester_uid = None # UID of the user making the API call (admin/user)
    acting_uid = None # UID of the user on whose behalf the action is taken

    try:
        logger.info(f"Backend /api/deals/propose received headers: {request.headers}")
        logger.info(f"Backend /api/deals/propose received raw data: {request.get_data(as_text=True)}")

        requester_uid = verify_token(auth_header) # Can raise exceptions
        if not FIREBASE_INITIALIZED:
            return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503

        data = request.get_json()
        if not data:
            logger.error("Backend /api/deals/propose: No JSON data received or failed to parse.")
            return jsonify({'error': 'Invalid JSON data received.'}), 400

        on_behalf_of_uid = data.get('on_behalf_of_uid')

        if on_behalf_of_uid:
            # If acting on behalf of someone, verify the requester is an admin/facilitator
            admin_or_facilitator_uid, _, _ = verify_admin_or_facilitator(auth_header) # This will raise if not admin/facilitator
            acting_uid = on_behalf_of_uid
            
            # Verify the user on whose behalf we are acting exists and is a farmer (for WhatsApp farmers)
            acting_user_profile = db.reference(f'users/{acting_uid}', app=db_app).get()
            if not acting_user_profile:
                return jsonify({'error': f'User {acting_uid} (on_behalf_of) not found.'}), 404
            
            # Constraint: WhatsApp farmers can only list produce, so they can only *propose* against demand listings.
            # This means the acting_uid must be a farmer.
            if not acting_user_profile.get('roles', {}).get('farmer') and acting_user_profile.get('account_type') != 'whatsapp_managed':
                return jsonify({'error': f'User {acting_uid} is not a farmer or WhatsApp-managed farmer, cannot propose on their behalf.'}), 403
            
            logger.info(f"Admin/Facilitator {admin_or_facilitator_uid} proposing deal on behalf of {acting_uid}.")
        else:
            acting_uid = requester_uid # Regular user proposing

        listing_id = data.get('listing_id')
        proposed_quantity_by_user = data.get('quantity')
        proposed_price_per_unit_by_user = data.get('price')
        notes = data.get('notes', "")

        logger.info(f"Backend /api/deals/propose: Parsed data - listing_id='{listing_id}', quantity='{proposed_quantity_by_user}', price='{proposed_price_per_unit_by_user}'")

        if not listing_id or proposed_quantity_by_user is None or proposed_price_per_unit_by_user is None:
            logger.error(f"Backend /api/deals/propose: Missing required fields. listing_id: {listing_id}, quantity: {proposed_quantity_by_user}, price: {proposed_price_per_unit_by_user}")
            return jsonify({'error': 'listing_id, quantity, and price are required.'}), 400

        try:
            proposed_quantity_by_user = int(proposed_quantity_by_user)
            proposed_price_per_unit_by_user = float(proposed_price_per_unit_by_user)
            if proposed_quantity_by_user <= 0 or proposed_price_per_unit_by_user <= 0:
                raise ValueError("Quantity and price must be positive numbers.")
        except ValueError as ve:
            logger.error(f"Backend /api/deals/propose: Invalid quantity or price. Error: {str(ve)}")
            return jsonify({'error': f'Invalid quantity or price: {str(ve)}'}), 400

        listing_ref = db.reference(f'listings/{listing_id}', app=db_app)
        listing_data = listing_ref.get()

        if not listing_data or not isinstance(listing_data, dict) or listing_data.get('status') != 'active':
            logger.error(f"Backend /api/deals/propose: Target listing {listing_id} not found, not active, or invalid.")
            return jsonify({'error': 'Target listing not found, not active, or invalid.'}), 404

        original_lister_id = listing_data.get('lister_id')
        listing_type = listing_data.get('listing_type') # 'produce' or 'demand'

        if original_lister_id == acting_uid:
            logger.error(f"Backend /api/deals/propose: User {acting_uid} attempting to deal with own listing {listing_id}.")
            return jsonify({'error': 'Cannot propose a deal to your own listing/demand.'}), 400

        deal_farmer_id = None
        deal_buyer_id = None
        deal_notes_prefix = ""
        notification_recipient_id = original_lister_id # The other party

        if listing_type == 'produce':
            # Current user (proposer acting_uid) is a BUYER, proposing to a FARMER's produce listing.
            # If acting on behalf of a WhatsApp farmer, they cannot be the buyer here.
            if on_behalf_of_uid and acting_user_profile.get('account_type') == 'whatsapp_managed':
                return jsonify({'error': 'WhatsApp farmers can only propose deals as a farmer (against demand listings).'}), 403

            deal_farmer_id = original_lister_id
            deal_buyer_id = acting_uid
            deal_notes_prefix = "Buyer's proposal: "

            available_quantity = listing_data.get('quantity', 0)
            if proposed_quantity_by_user > available_quantity:
                logger.error(f"Backend /api/deals/propose: Proposed quantity {proposed_quantity_by_user} exceeds available {available_quantity} for produce listing {listing_id}.")
                return jsonify({'error': f'Proposed quantity ({proposed_quantity_by_user}) exceeds available quantity ({available_quantity}) for the listing.'}), 400

        elif listing_type == 'demand':
            # Current user (proposer acting_uid) is a FARMER, making an offer against a BUYER's demand listing.
            deal_farmer_id = acting_uid
            deal_buyer_id = original_lister_id
            deal_notes_prefix = "Farmer's offer against demand: "

            # Optional: Check if farmer's offered quantity matches/is within demand's quantity
            # demand_quantity_needed = listing_data.get('quantity', float('inf')) # Assuming demand listing also has 'quantity'
            # if proposed_quantity_by_user > demand_quantity_needed:
            #    logger.error(f"Backend /api/deals/propose: Farmer's offered quantity {proposed_quantity_by_user} exceeds demanded quantity {demand_quantity_needed} for demand {listing_id}.")
            #    return jsonify({'error': f'Your offered quantity ({proposed_quantity_by_user}) exceeds the demanded quantity ({demand_quantity_needed}).'}), 400
        else:
            logger.error(f"Backend /api/deals/propose: Invalid target listing type '{listing_type}' for listing {listing_id}.")
            return jsonify({'error': 'Invalid target listing type for creating a deal.'}), 400

        deal_id = str(uuid.uuid4())
        deal_data_to_set = {
            'deal_id': deal_id,
            'proposer_id': acting_uid, # Use acting_uid here
            'listing_id': listing_id,
            'farmer_id': deal_farmer_id,
            'buyer_id': deal_buyer_id,
            'proposed_quantity': proposed_quantity_by_user,
            'proposed_price': proposed_price_per_unit_by_user, # This is price_per_unit
            'deal_notes': deal_notes_prefix + notes,
            'status': 'proposed',
            'created_at': datetime.now(timezone.utc).isoformat(),
            'chat_room_id': f"deal_{deal_id}"
        }
        # If an admin acted on behalf, record that
        if on_behalf_of_uid:
            deal_data_to_set['proxied_by_admin_uid'] = requester_uid

        db.reference(f'deals/{deal_id}', app=db_app).set(deal_data_to_set)

        _send_system_notification(
            notification_recipient_id,
            f"You have a new proposal/offer from {acting_uid[:6]}... regarding your {listing_type} for '{listing_data.get('crop_type')}'. Qty: {proposed_quantity_by_user}, Price/Unit: {proposed_price_per_unit_by_user}",
            "new_deal_proposal",
            f"/deals/{deal_id}"
        )
        logger.info(f"Backend /api/deals/propose: Deal {deal_id} created successfully by UID {acting_uid} for listing {listing_id}.")
        return jsonify({'success': True, 'message': 'Proposal/Offer submitted successfully.', 'deal': deal_data_to_set}), 201

    except Exception as e:
        # Log the original error before passing to generic handler
        logger.error(f"Backend /api/deals/propose: Unhandled exception for UID {acting_uid or requester_uid or 'unknown'}. Error: {str(e)}\n{traceback.format_exc()}")
        return handle_route_errors(e, uid_context=acting_uid or requester_uid or "propose_deal_unknown_user")

@app.route('/api/deals/<deal_id>/respond', methods=['POST'])
def respond_to_deal(deal_id):
    auth_header = request.headers.get('Authorization')
    requester_uid = None # UID of the user making the API call (admin/user)
    acting_uid = None  # UID of the user on whose behalf the action is taken

    try:
        requester_uid = verify_token(auth_header)
        if not FIREBASE_INITIALIZED: return jsonify({'error': 'Server configuration error'}), 503

        data = request.get_json()
        response_action = data.get('action')  # 'accept' or 'reject'
        on_behalf_of_uid = data.get('on_behalf_of_uid')

        if on_behalf_of_uid:
            # If acting on behalf of someone, verify the requester is an admin/facilitator
            admin_or_facilitator_uid, _, _ = verify_admin_or_facilitator(auth_header) # This will raise if not admin/facilitator
            acting_uid = on_behalf_of_uid

            # Verify the user on whose behalf we are acting exists and is a farmer (for WhatsApp farmers)
            acting_user_profile = db.reference(f'users/{acting_uid}', app=db_app).get()
            if not acting_user_profile:
                return jsonify({'error': f'User {acting_uid} (on_behalf_of) not found.'}), 404

            # Constraint: WhatsApp farmers can only list produce, so they would only *respond* as a farmer.
            if not acting_user_profile.get('roles', {}).get('farmer') and acting_user_profile.get('account_type') != 'whatsapp_managed':
                return jsonify({'error': f'User {acting_uid} is not a farmer or WhatsApp-managed farmer, cannot respond on their behalf.'}), 403

            logger.info(f"Admin/Facilitator {admin_or_facilitator_uid} responding to deal {deal_id} on behalf of {acting_uid}.")
        else:
            acting_uid = requester_uid # Regular user responding

        if response_action not in ['accept', 'reject']:
            return jsonify({'error': 'Invalid action. Must be "accept" or "reject".'}), 400

        deal_ref = db.reference(f'deals/{deal_id}', app=db_app)
        deal_data = deal_ref.get()

        if not deal_data or not isinstance(deal_data, dict):
            return jsonify({'error': 'Deal not found.'}), 404

        current_deal_status = deal_data.get('status')
        proposer_id = deal_data.get('proposer_id')
        farmer_id_in_deal = deal_data.get('farmer_id')
        buyer_id_in_deal = deal_data.get('buyer_id')

        # Authorization Check: Who is allowed to respond?
        can_respond = False
        if current_deal_status == 'proposed':
            if proposer_id == buyer_id_in_deal and acting_uid == farmer_id_in_deal: # Buyer proposed, Farmer responds
                can_respond = True
            elif proposer_id == farmer_id_in_deal and acting_uid == buyer_id_in_deal: # Farmer proposed/countered, Buyer responds
                can_respond = True
        # Add other statuses if a different party needs to respond (e.g., after admin action)

        if not can_respond:
            logger.warning(f"UID {acting_uid} unauthorized to respond to deal {deal_id}. Deal status: {current_deal_status}, Proposer: {proposer_id}, Farmer: {farmer_id_in_deal}, Buyer: {buyer_id_in_deal}")
            return jsonify({'error': 'Not authorized to respond to this deal at its current state.'}), 403

        update_time = datetime.now(timezone.utc).isoformat()

        # Determine the other party for notification
        other_party_id = None
        if acting_uid == farmer_id_in_deal:
            other_party_id = buyer_id_in_deal
        elif acting_uid == buyer_id_in_deal:
            other_party_id = farmer_id_in_deal

        listing_id = deal_data.get('listing_id')
        listing_data_for_notif = {}
        if listing_id:
            listing_data_for_notif = db.reference(f'listings/{listing_id}', app=db_app).get() or {}
        crop_type_for_notif = listing_data_for_notif.get('crop_type', 'your listing/demand')

        update_payload = {}
        if on_behalf_of_uid:
            update_payload['proxied_by_admin_uid'] = requester_uid # Record who proxied the action

        if response_action == 'accept':
            # Quantity check (if applicable, e.g., if responding to a proposal against a produce listing)
            if proposer_id == buyer_id_in_deal and acting_uid == farmer_id_in_deal: # Farmer accepting buyer's proposal
                if listing_id and isinstance(listing_data_for_notif, dict):
                    available_quantity = listing_data_for_notif.get('quantity', 0)
                    proposed_quantity = deal_data.get('proposed_quantity', 0)
                    if proposed_quantity > available_quantity:
                        deal_ref.update({
                            'status': 'rejected_by_system_insufficient_qty',
                            'system_rejection_at': update_time,
                            'system_rejection_reason': f'Listing quantity ({available_quantity}) insufficient for deal quantity ({proposed_quantity}) at time of acceptance.'
                        })
                        if other_party_id:
                            _send_system_notification(other_party_id, f"Your deal proposal for '{crop_type_for_notif}' could not be accepted due to insufficient stock.", "deal_status_update", f"/deals/{deal_id}")
                        return jsonify({'success': False, 'error': 'Deal could not be accepted. Listing quantity is no longer sufficient.'}), 409

            accepted_by_field = ""
            new_status = ""
            if acting_uid == farmer_id_in_deal:
                accepted_by_field = "farmer_accepted_at"
                new_status = "accepted_by_farmer" # Farmer accepts buyer's proposal
                notification_message_to_other_party = f"Your deal proposal for '{crop_type_for_notif}' has been ACCEPTED by the farmer. It is now pending admin approval."
            elif acting_uid == buyer_id_in_deal:
                accepted_by_field = "buyer_accepted_at"
                new_status = "accepted_by_buyer" # Buyer accepts farmer's offer/counter
                notification_message_to_other_party = f"Your offer/counter-offer for '{crop_type_for_notif}' has been ACCEPTED by the buyer. It is now pending admin approval."
            else: # Should not happen due to auth check
                return jsonify({'error': 'Internal error determining accepter role.'}), 500

            update_payload.update({'status': new_status, accepted_by_field: update_time, 'last_responder_id': acting_uid})
            deal_ref.update(update_payload)

            if other_party_id:
                _send_system_notification(other_party_id, notification_message_to_other_party, "deal_status_update", f"/deals/{deal_id}")

            # Notify admins
            admins_ref = db.reference('users', app=db_app).order_by_child('is_admin').equal_to(True).get()
            if admins_ref:
                for admin_id_loop, _ in admins_ref.items():
                     _send_system_notification(admin_id_loop, f"Deal ID {deal_id} for '{crop_type_for_notif}' has been accepted by {acting_uid[:6]}... and needs your approval.", "admin_deal_approval_needed", f"/admin/deals/pending") # Path for admin to see pending deals

            return jsonify({'success': True, 'message': f'Deal accepted by {("farmer" if acting_uid == farmer_id_in_deal else "buyer")}, pending admin approval.'}), 200

        elif response_action == 'reject':
            rejected_by_field = ""
            new_status = ""
            if acting_uid == farmer_id_in_deal:
                rejected_by_field = "farmer_rejected_at" # Or just 'responded_at'
                new_status = "rejected_by_farmer"
                notification_message_to_other_party = f"Your deal proposal for '{crop_type_for_notif}' has been REJECTED by the farmer."
            elif acting_uid == buyer_id_in_deal:
                rejected_by_field = "buyer_rejected_at"
                new_status = "rejected_by_buyer"
                notification_message_to_other_party = f"Your offer/counter-offer for '{crop_type_for_notif}' has been REJECTED by the buyer."
            else: # Should not happen
                return jsonify({'error': 'Internal error determining rejector role.'}), 500

            update_payload.update({'status': new_status, rejected_by_field: update_time, 'last_responder_id': acting_uid})
            deal_ref.update(update_payload)
            if other_party_id:
                _send_system_notification(other_party_id, notification_message_to_other_party, "deal_status_update", f"/deals/{deal_id}")
            return jsonify({'success': True, 'message': f'Deal rejected by {("farmer" if acting_uid == farmer_id_in_deal else "buyer")}.'}), 200

    except Exception as e:
        return handle_route_errors(e, uid_context=acting_uid or requester_uid)

@app.route('/api/deals/<deal_id>/complete', methods=['POST'])
def complete_deal_by_admin(deal_id):
    auth_header = request.headers.get('Authorization')
    admin_uid = None
    try:
        admin_uid = verify_admin(auth_header)
        if not FIREBASE_INITIALIZED: return jsonify({'error': 'Server configuration error'}), 503

        deal_ref = db.reference(f'deals/{deal_id}', app=db_app)
        deal_data = deal_ref.get()

        if not deal_data or not isinstance(deal_data, dict):
            return jsonify({'error': 'Deal not found.'}), 404

        if deal_data.get('status') != 'active':
            if not (deal_data.get('status') == 'active' and deal_data.get('transport_status') in ['transporter_accepted', 'in_transit', 'transport_completed', None]):
                 return jsonify({'error': f"Deal cannot be completed by admin from current status: '{deal_data.get('status')}' / transport: '{deal_data.get('transport_status')}'."}), 400

        listing_id = deal_data.get('listing_id')
        deal_quantity = deal_data.get('proposed_quantity', 0)

        if not listing_id or not isinstance(deal_quantity, (int, float)) or deal_quantity <= 0:
            return jsonify({'error': 'Deal data is incomplete (missing listing_id or invalid quantity). Cannot complete.'}), 400

        listing_ref = db.reference(f'listings/{listing_id}', app=db_app)

        def update_listing_transaction(current_listing_data_tx):
            if not current_listing_data_tx or not isinstance(current_listing_data_tx, dict):
                logger.error(f"CompleteDealByAdmin: Listing {listing_id} not found or malformed during transaction for deal {deal_id}.")
                return current_listing_data_tx

            current_listing_quantity = current_listing_data_tx.get('quantity', 0)
            new_listing_quantity = current_listing_quantity - deal_quantity

            updates = {}
            if new_listing_quantity <= 0:
                updates['quantity'] = 0
                updates['status'] = 'closed'
            else:
                updates['quantity'] = new_listing_quantity

            current_listing_data_tx.update(updates)
            return current_listing_data_tx

        transaction_result = listing_ref.transaction(update_listing_transaction)

        if transaction_result is None and listing_ref.get() is not None :
            logger.warning(f"CompleteDealByAdmin: Transaction to update listing {listing_id} for deal {deal_id} was aborted or listing became null. Deal will be marked complete, but listing quantity may not be updated.")
        elif listing_ref.get() is None:
             logger.warning(f"CompleteDealByAdmin: Listing {listing_id} not found for deal {deal_id}. Deal will be marked complete, but listing quantity not updated.")
        else:
            logger.info(f"Deal {deal_id} completion: Listing {listing_id} quantity updated via transaction.")

        deal_updates = {
            'status': 'completed',
            'completed_at': datetime.now(timezone.utc).isoformat(),
            'completed_by': admin_uid
        }
        if deal_data.get('assigned_transporter_id'):
            deal_updates['transport_status'] = 'transport_completed'

        deal_ref.update(deal_updates)

        farmer_id = deal_data.get('farmer_id')
        buyer_id = deal_data.get('buyer_id')
        transporter_id = deal_data.get('assigned_transporter_id')

        listing_data_for_notif = db.reference(f'listings/{listing_id}', app=db_app).get() or {}
        crop_type_for_notif = listing_data_for_notif.get('crop_type', 'your item')

        if farmer_id:
            _send_system_notification(farmer_id, f"Admin has marked deal {deal_id} for '{crop_type_for_notif}' as COMPLETED.", "deal_completed_by_admin", f"/deals/{deal_id}")
        if buyer_id:
            _send_system_notification(buyer_id, f"Admin has marked deal {deal_id} for '{crop_type_for_notif}' as COMPLETED.", "deal_completed_by_admin", f"/deals/{deal_id}")
        if transporter_id and deal_data.get('assigned_transporter_id'):
            _send_system_notification(transporter_id, f"Admin has marked transport job for deal {deal_id} as COMPLETED.", "transport_job_completed_by_admin", f"/transporter/jobs/{deal_id}")

        return jsonify({'success': True, 'message': f'Deal {deal_id} marked as completed by admin. Listing quantity updated (if applicable).'}), 200

    except Exception as e:
        return handle_route_errors(e, uid_context=admin_uid)

@app.route('/api/deals/my', methods=['GET'])
def get_my_deals():
    auth_header = request.headers.get('Authorization')
    uid = None
    try:
        if not FIREBASE_INITIALIZED:
            return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503

        uid = verify_token(auth_header)
        if not uid:
             return jsonify({'error': 'Invalid or expired token / verification failed.'}), 401

        all_deals_ref = db.reference('deals', app=db_app)
        all_deals = all_deals_ref.get()

        my_deals = {}
        if all_deals:
            for deal_id, deal_data_loop in all_deals.items():
                if isinstance(deal_data_loop, dict) and \
                   (deal_data_loop.get('buyer_id') == uid or \
                    deal_data_loop.get('farmer_id') == uid or \
                    deal_data_loop.get('assigned_transporter_id') == uid):
                    deal_data_with_id = deal_data_loop.copy()
                    deal_data_with_id['deal_id'] = deal_id
                    my_deals[deal_id] = deal_data_with_id

        return jsonify(my_deals), 200

    except Exception as e_auth_related:
        return handle_route_errors(e_auth_related, uid_context=uid)

# NEW: Admin Remove Any Deal
@app.route('/api/admin/deals/<deal_id>/remove', methods=['DELETE'])
def admin_remove_deal(deal_id):
    auth_header = request.headers.get('Authorization')
    admin_uid = None
    try:
        admin_uid, _, _ = verify_admin_or_facilitator(auth_header)
        if not FIREBASE_INITIALIZED: return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503

        deal_ref = db.reference(f'deals/{deal_id}', app=db_app)
        deal_data = deal_ref.get()

        if not deal_data or not isinstance(deal_data, dict):
            return jsonify({'error': 'Deal not found.'}), 404

        farmer_id = deal_data.get('farmer_id')
        buyer_id = deal_data.get('buyer_id')
        transporter_id = deal_data.get('assigned_transporter_id')
        listing_id = deal_data.get('listing_id')

        crop_type = "N/A"
        if listing_id:
            listing_details = db.reference(f'listings/{listing_id}', app=db_app).get()
            if listing_details:
                crop_type = listing_details.get('crop_type', 'N/A')

        deal_ref.delete()

        message_to_parties = f"Deal ID {deal_id} for '{crop_type}' has been removed by an administrator."
        if farmer_id:
            _send_system_notification(farmer_id, message_to_parties, "deal_removed_by_admin", f"/my-deals")
        if buyer_id:
            _send_system_notification(buyer_id, message_to_parties, "deal_removed_by_admin", f"/my-deals")
        if transporter_id:
            _send_system_notification(transporter_id, f"Your transport job for deal {deal_id} has been cancelled by an administrator.", "transport_job_cancelled_by_admin", f"/transporter/jobs")

        return jsonify({'success': True, 'message': f'Deal {deal_id} removed by admin/facilitator.'}), 200

    except Exception as e:
        return handle_route_errors(e, uid_context=admin_uid)

# Removed the admin_create_manual_deal endpoint as its functionality is now integrated into propose_deal and respond_to_deal.


#--- END OF MODIFIED DEAL MANAGEMENT SECTION ---
#--- TRANSPORTER ENDPOINTS (NEW BLOCK) ---

# --- NEW: Find Nearest Transporters Endpoint ---
@app.route('/api/transporters/find-nearest', methods=['POST'])
def find_nearest_transporters():
    auth_header = request.headers.get('Authorization')
    uid = None
    try:
        # Any authenticated user can find transporters
        uid = verify_token(auth_header)
        if not FIREBASE_INITIALIZED:
            return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503

        data = request.get_json()
        lat = data.get('latitude')
        lon = data.get('longitude')
        radius_km = data.get('radius_km', 50) # Default search radius of 50km

        if not isinstance(lat, (int, float)) or not isinstance(lon, (int, float)):
            return jsonify({'error': 'Valid latitude and longitude are required.'}), 400
        if not (isinstance(radius_km, (int, float)) and radius_km > 0):
            return jsonify({'error': 'A valid, positive search radius (radius_km) is required.'}), 400

        origin_coords = {'latitude': lat, 'longitude': lon}
        
        # 1. Get the 9-box geohash query area
        geohash_area_to_query = _get_geohash_query_area(lat, lon)
        
        candidate_transporters = {} # Use dict to avoid duplicates

        # 2. Query Firebase for each geohash box
        # NOTE: This performs 9 separate queries. For very high traffic,
        # a more advanced data structure/service might be needed.
        for gh in geohash_area_to_query:
            # Query users by geohash. Indexing '.indexOn": ["geohash"]' in Firebase rules for 'users' is critical for performance.
            query_results = db.reference('users', app=db_app).order_by_child('geohash').equal_to(gh).get()
            if query_results:
                for user_id, user_data in query_results.items():
                    # 3. Filter for actual transporters with valid coordinates
                    if user_data and user_data.get('roles', {}).get('transporter') and user_data.get('location_coords'):
                        candidate_transporters[user_id] = user_data
        
        # 4. Perform precise distance calculation and filtering
        transporters_in_radius = []
        for user_id, user_data in candidate_transporters.items():
            distance = _calculate_distance(origin_coords, user_data['location_coords'])
            if distance <= radius_km:
                # Add distance to the user data before returning
                user_data_with_dist = user_data.copy()
                user_data_with_dist['uid'] = user_id
                user_data_with_dist['distance_km'] = round(distance, 2)
                transporters_in_radius.append(user_data_with_dist)

        # 5. Sort the final list by distance
        transporters_in_radius.sort(key=lambda x: x['distance_km'])

        return jsonify(transporters_in_radius), 200

    except Exception as e:
        return handle_route_errors(e, uid_context=uid)

@app.route('/api/admin/deals/<deal_id>/assign-transporter', methods=['POST'])
def admin_assign_transporter(deal_id):
    auth_header = request.headers.get('Authorization')
    reviewer_uid = None
    try:
        reviewer_uid, _, _ = verify_admin_or_facilitator(auth_header)
        if not FIREBASE_INITIALIZED: return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503

        data = request.get_json()
        transporter_id = data.get('transporter_id')
        initial_offer_amount = data.get('initial_offer_amount')
        initial_currency = data.get('initial_currency', 'USD')
        proposed_pickup_date = data.get('proposed_pickup_date')
        notes_for_transporter = data.get('notes_for_transporter', "")

        if not transporter_id or initial_offer_amount is None or not proposed_pickup_date:
            return jsonify({'error': 'transporter_id, initial_offer_amount, and proposed_pickup_date are required.'}), 400

        try:
            initial_offer_amount = float(initial_offer_amount)
        except ValueError:
            return jsonify({'error': 'initial_offer_amount must be a valid number.'}), 400

        deal_ref = db.reference(f'deals/{deal_id}', app=db_app)
        deal_data = deal_ref.get()

        if not deal_data:
            return jsonify({'error': 'Deal not found.'}), 404

        if deal_data.get('status') != 'active': # Only assign transport to active deals
            return jsonify({'error': f"Deal is not active. Current status: {deal_data.get('status')}"}), 400

        transporter_profile_ref = db.reference(f'users/{transporter_id}', app=db_app)
        transporter_profile = transporter_profile_ref.get()
        if not transporter_profile or not transporter_profile.get('roles', {}).get('transporter'):
            return jsonify({'error': 'Invalid transporter ID or user is not a transporter.'}), 400

        transport_offer_details = {
            "amount": initial_offer_amount,
            "currency": initial_currency,
            "pickup_date_proposed": proposed_pickup_date,
            "delivery_date_proposed": data.get("proposed_delivery_date", ""),
            "notes": notes_for_transporter,
            "offered_by": "admin", # Or reviewer_uid for more specific tracking
            "offer_timestamp": datetime.now(timezone.utc).isoformat()
        }

        update_payload = {
            'assigned_transporter_id': transporter_id,
            'transport_status': 'assigned', # Job is now assigned to the transporter
            'transport_offer': transport_offer_details,
            'last_transport_update_by': reviewer_uid,
            'last_transport_update_at': datetime.now(timezone.utc).isoformat()
        }

        history_entry_key = db.reference(f'deals/{deal_id}/transport_job_history', app=db_app).push().key
        history_entry = {
            "action": "assigned_to_transporter",
            "user_id": reviewer_uid, # Admin/Facilitator who assigned
            "transporter_id": transporter_id,
            "offer": transport_offer_details,
            "timestamp": datetime.now(timezone.utc).isoformat()
        }
        update_payload[f'transport_job_history/{history_entry_key}'] = history_entry

        deal_ref.update(update_payload)

        # Denormalize for transporter's easy query
        transporter_job_summary = {
            'deal_id': deal_id,
            'farmer_id': deal_data.get('farmer_id'),
            'buyer_id': deal_data.get('buyer_id'),
            'listing_id': deal_data.get('listing_id'),
            'transport_status': 'assigned',
            'assigned_at': datetime.now(timezone.utc).isoformat(),
            'offer': transport_offer_details
            # Add other relevant summary fields from the deal if needed
        }
        db.reference(f'transporter_jobs/{transporter_id}/{deal_id}', app=db_app).set(transporter_job_summary)


        _send_system_notification(
            transporter_id,
            f"You have been assigned a new transport job for deal ID: {deal_id}. Please review and respond.",
            "new_transport_job",
            f"/transporter/jobs/{deal_id}" # Example link for frontend
        )

        return jsonify({'success': True, 'message': f'Transport job for deal {deal_id} assigned to transporter {transporter_id}.'}), 200

    except Exception as e:
        return handle_route_errors(e, uid_context=reviewer_uid)

@app.route('/api/transporter/jobs/pending', methods=['GET'])
def transporter_get_pending_jobs():
    auth_header = request.headers.get('Authorization')
    transporter_uid = None
    try:
        transporter_uid = verify_role(auth_header, 'transporter')
        if not FIREBASE_INITIALIZED: return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503

        # Querying denormalized transporter_jobs for efficiency
        pending_jobs_ref = db.reference(f'transporter_jobs/{transporter_uid}', app=db_app)\
                             .order_by_child('transport_status')\
                             .equal_to('assigned')
        pending_jobs_data = pending_jobs_ref.get() or {}

        # If you need full deal details, you might fetch them based on deal_id from pending_jobs_data
        # For now, returning the summary stored in transporter_jobs
        return jsonify(pending_jobs_data), 200

    except Exception as e:
        return handle_route_errors(e, uid_context=transporter_uid)

@app.route('/api/transporter/deals/<deal_id>/job-action', methods=['POST'])
def transporter_job_action(deal_id):
    auth_header = request.headers.get('Authorization')
    transporter_uid = None
    try:
        transporter_uid = verify_role(auth_header, 'transporter')
        if not FIREBASE_INITIALIZED: return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503

        data = request.get_json()
        action = data.get('action') # "accept", "reject", "counter_offer"

        deal_ref = db.reference(f'deals/{deal_id}', app=db_app)
        deal_data = deal_ref.get()

        if not deal_data or not isinstance(deal_data, dict):
            return jsonify({'error': 'Deal (transport job) not found.'}), 404

        if deal_data.get('assigned_transporter_id') != transporter_uid:
            return jsonify({'error': 'You are not assigned to this transport job.'}), 403

        current_transport_status = deal_data.get('transport_status')

        update_payload = {
            'last_transport_update_by': transporter_uid,
            'last_transport_update_at': datetime.now(timezone.utc).isoformat()
        }
        history_action_type = ""
        notification_message_to_admin = ""
        new_transport_status = "" # Will hold the new status for the deal and transporter_jobs

        if action == "accept":
            if current_transport_status != 'assigned' and current_transport_status != 'admin_reoffered': # Assuming admin can re-offer
                return jsonify({'error': f'Job cannot be accepted from current status: {current_transport_status}'}), 400

            new_transport_status = 'transporter_accepted'
            update_payload['transport_status'] = new_transport_status
            update_payload['transport_offer_accepted_at'] = datetime.now(timezone.utc).isoformat()
            if data.get("acceptance_notes"): # Store notes if provided
                update_payload['transport_acceptance_notes'] = data.get("acceptance_notes")

            history_action_type = "job_accepted"
            notification_message_to_admin = f"Transporter {transporter_uid[:6]}... has ACCEPTED the transport job for deal {deal_id}."

        elif action == "reject":
            if current_transport_status not in ['assigned', 'admin_reoffered', 'admin_rejected_counter']: # Transporter can reject if assigned, or if admin rejected their counter
                 return jsonify({'error': f'Job cannot be rejected from current status: {current_transport_status}'}), 400

            rejection_reason = data.get('rejection_reason', 'No reason provided.')
            new_transport_status = 'transporter_rejected'
            update_payload['transport_status'] = new_transport_status
            update_payload['transport_rejection_reason'] = rejection_reason
            # Admin will need to re-assign. Consider if assigned_transporter_id should be nulled here or by admin.

            history_action_type = "job_rejected"
            notification_message_to_admin = f"Transporter {transporter_uid[:6]}... has REJECTED the transport job for deal {deal_id}. Reason: {rejection_reason}"


        elif action == "counter_offer":
            # Can counter if initially 'assigned' or if admin 'admin_rejected_counter' to their previous counter
            if current_transport_status not in ['assigned', 'admin_rejected_counter']:
                return jsonify({'error': f'Cannot make counter-offer from current status: {current_transport_status}'}), 400

            counter_amount = data.get('counter_offer_amount')
            counter_currency = data.get('currency', deal_data.get('transport_offer', {}).get('currency', 'USD'))
            counter_pickup_date = data.get('proposed_pickup_date', deal_data.get('transport_offer', {}).get('pickup_date_proposed'))
            counter_delivery_date = data.get('proposed_delivery_date', deal_data.get('transport_offer', {}).get('delivery_date_proposed', ""))
            counter_notes = data.get('notes', "")

            if counter_amount is None:
                return jsonify({'error': 'counter_offer_amount is required for a counter-offer.'}), 400
            try: counter_amount = float(counter_amount)
            except ValueError: return jsonify({'error': 'counter_offer_amount must be a number.'}), 400

            new_transport_status = 'transporter_counter_offer'
            update_payload['transport_status'] = new_transport_status
            update_payload['transport_offer'] = { # This becomes the new current offer
                "amount": counter_amount,
                "currency": counter_currency,
                "pickup_date_proposed": counter_pickup_date,
                "delivery_date_proposed": counter_delivery_date,
                "notes": counter_notes,
                "offered_by": "transporter",
                "offer_timestamp": datetime.now(timezone.utc).isoformat()
            }
            history_action_type = "job_counter_offered"
            notification_message_to_admin = f"Transporter {transporter_uid[:6]}... has made a COUNTER-OFFER for the transport job on deal {deal_id}."

        else:
            return jsonify({'error': 'Invalid action specified. Must be "accept", "reject", or "counter_offer".'}), 400

        # Log history within the deal
        history_entry_key = db.reference(f'deals/{deal_id}/transport_job_history', app=db_app).push().key
        history_entry_data = {
            "action": history_action_type,
            "user_id": transporter_uid, # The transporter performing the action
            "timestamp": datetime.now(timezone.utc).isoformat(),
        }
        if action == "counter_offer": history_entry_data["offer_details"] = update_payload['transport_offer']
        if action == "reject": history_entry_data["reason"] = rejection_reason
        if action == "accept" and data.get("acceptance_notes"): history_entry_data["notes"] = data.get("acceptance_notes")

        update_payload[f'transport_job_history/{history_entry_key}'] = history_entry_data

        deal_ref.update(update_payload)

        # Notify Admin/Facilitator
        admins_ref = db.reference('users', app=db_app).order_by_child('is_admin').equal_to(True).get()
        if admins_ref:
            for admin_id_loop, _ in admins_ref.items(): # Renamed admin_id
                _send_system_notification(admin_id_loop, notification_message_to_admin, "transport_job_update", f"/admin/deals/{deal_id}")

        # Update denormalized transporter_jobs summary
        transporter_job_ref = db.reference(f'transporter_jobs/{transporter_uid}/{deal_id}', app=db_app)
        if transporter_job_ref.get(): # Check if summary exists
            transporter_job_ref.update({
                'transport_status': new_transport_status,
                'last_action_at': datetime.now(timezone.utc).isoformat(),
                'offer': update_payload.get('transport_offer', deal_data.get('transport_offer'))
            })

        return jsonify({'success': True, 'message': f'Transport job action "{action}" processed successfully.'}), 200

    except Exception as e:
        return handle_route_errors(e, uid_context=transporter_uid)

@app.route('/api/admin/deals/<deal_id>/respond-to-counter-offer', methods=['POST'])
def admin_respond_to_transporter_counter(deal_id):
    auth_header = request.headers.get('Authorization')
    reviewer_uid = None
    try:
        reviewer_uid, _, _ = verify_admin_or_facilitator(auth_header)
        if not FIREBASE_INITIALIZED: return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503

        data = request.get_json()
        action = data.get('action') # "accept_counter" or "reject_counter"
        notes = data.get('notes', "")

        if action not in ["accept_counter", "reject_counter"]:
            return jsonify({'error': 'Invalid action. Must be "accept_counter" or "reject_counter".'}), 400

        deal_ref = db.reference(f'deals/{deal_id}', app=db_app)
        deal_data = deal_ref.get()

        if not deal_data or not isinstance(deal_data, dict):
            return jsonify({'error': 'Deal not found.'}), 404

        if deal_data.get('transport_status') != 'transporter_counter_offer':
            return jsonify({'error': 'Deal is not in "transporter_counter_offer" status.'}), 400

        transporter_id = deal_data.get('assigned_transporter_id')
        if not transporter_id: # Should not happen if status is transporter_counter_offer
            return jsonify({'error': 'No transporter assigned to this deal for counter-offer response.'}), 400

        update_payload = {
            'last_transport_update_by': reviewer_uid,
            'last_transport_update_at': datetime.now(timezone.utc).isoformat()
        }
        history_action_type = ""
        notification_message_to_transporter = ""
        new_transport_status = ""

        if action == "accept_counter":
            new_transport_status = 'transporter_accepted' # The counter offer becomes the accepted offer
            update_payload['transport_status'] = new_transport_status
            update_payload['transport_offer_finalized_at'] = datetime.now(timezone.utc).isoformat()
            # The current deal_data['transport_offer'] is the transporter's counter, which is now accepted.
            history_action_type = "admin_accepted_counter"
            notification_message_to_transporter = f"Your counter-offer for transport on deal {deal_id} has been ACCEPTED by admin."

        elif action == "reject_counter":
            new_transport_status = 'admin_rejected_counter'
            update_payload['transport_status'] = new_transport_status
            if notes: update_payload['admin_rejection_notes_to_transporter'] = notes # Store admin notes
            history_action_type = "admin_rejected_counter"
            notification_message_to_transporter = f"Your counter-offer for transport on deal {deal_id} has been REJECTED by admin. {notes}"
            # Transporter might be able to make another counter, or admin might re-assign.

        # Log history
        history_entry_key = db.reference(f'deals/{deal_id}/transport_job_history', app=db_app).push().key
        history_entry_data = {
            "action": history_action_type,
            "user_id": reviewer_uid, # Admin/Facilitator
            "timestamp": datetime.now(timezone.utc).isoformat(),
            "notes": notes
        }
        update_payload[f'transport_job_history/{history_entry_key}'] = history_entry_data

        deal_ref.update(update_payload)

        _send_system_notification(transporter_id, notification_message_to_transporter, "transport_job_update", f"/transporter/jobs/{deal_id}")

        # Update denormalized transporter_jobs summary
        transporter_job_ref = db.reference(f'transporter_jobs/{transporter_id}/{deal_id}', app=db_app)
        if transporter_job_ref.get():
            transporter_job_ref.update({
                'transport_status': new_transport_status,
                'last_action_at': datetime.now(timezone.utc).isoformat()
                # Offer details remain as the transporter's last counter offer, which was accepted/rejected
            })

        return jsonify({'success': True, 'message': f'Response to transporter counter-offer processed: {action}.'}), 200

    except Exception as e:
        return handle_route_errors(e, uid_context=reviewer_uid)

#--- END OF TRANSPORTER ENDPOINTS ---
#--- ADMIN ENDPOINTS FOR ALL LISTINGS/DEALS (NEW BLOCK) ---
@app.route('/api/admin/listings/all', methods=['GET'])
def admin_get_all_listings():
    auth_header = request.headers.get('Authorization')
    admin_uid = None
    try:
        admin_uid = verify_admin(auth_header)
        if not FIREBASE_INITIALIZED:
            return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503

        listings_ref = db.reference('listings', app=db_app)
        all_listings = listings_ref.get() or {}

        return jsonify(all_listings), 200

    except Exception as e:
        return handle_route_errors(e, uid_context=admin_uid)

@app.route('/api/admin/deals/all', methods=['GET'])
def admin_get_all_deals():
    auth_header = request.headers.get('Authorization')
    admin_uid = None
    try:
        admin_uid = verify_admin(auth_header)
        if not FIREBASE_INITIALIZED:
            return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503

        deals_ref = db.reference('deals', app=db_app)
        all_deals = deals_ref.get() or {}

        return jsonify(all_deals), 200

    except Exception as e:
        return handle_route_errors(e, uid_context=admin_uid)

#--- END OF ADMIN ALL LISTINGS/DEALS ---
#--- ADMIN ENDPOINTS FOR WHATSAPP-MANAGED FARMER ACCOUNTS ---
@app.route('/api/admin/whatsapp-farmers/create', methods=['POST'])
def admin_create_whatsapp_farmer():
    auth_header = request.headers.get('Authorization')
    admin_uid = None
    try:
        admin_uid = verify_admin(auth_header)
        if not FIREBASE_INITIALIZED:
            return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503

        data = request.get_json()
        name = data.get('name')
        phone_number = data.get('phone_number') # Expecting E.164 format ideally
        location = data.get('location', "")
        initial_notes = data.get('initial_notes', "")

        if not name or not phone_number:
            return jsonify({'error': 'Farmer name and phone number are required.'}), 400

        # Basic validation for phone number format (can be enhanced)
        if not re.match(r"^\+?[1-9]\d{1,14}$", phone_number):
            return jsonify({'error': 'Invalid phone number format. Please use E.164 like +263771234567.'}), 400

        # Check if phone number is already in use by a fully registered webapp user
        # This query can be slow if you have many users. Consider indexing phone_number.
        users_ref = db.reference('users', app=db_app)
        existing_user_query = users_ref.order_by_child('phone_number').equal_to(phone_number).limit_to_first(1).get()
        if existing_user_query:
            for existing_uid, existing_user_data in existing_user_query.items():
                if existing_user_data.get('account_type') == 'webapp_registered':
                    return jsonify({'error': f'This phone number is already registered to a web app user (UID: {existing_uid}).'}), 409
                # Optionally, handle if already a whatsapp_managed account with this number
                # if existing_user_data.get('account_type') == 'whatsapp_managed':
                #    return jsonify({'error': f'This phone number is already managed for another WhatsApp farmer (UID: {existing_uid}).'}), 409


        # Generate a unique ID for this WhatsApp-managed farmer
        # This UID will be used in the 'users' node. No Firebase Auth user created at this stage.
        farmer_uid = f"wpfarmer_{str(uuid.uuid4())}"

        profile_data = {
            'uid': farmer_uid, # Store the UID within the profile too for convenience
            'name': name,
            'phone_number': phone_number,
            'email': f"{farmer_uid}@whatsapp.tunasonga.internal", # Placeholder email
            'location': location,
            'roles': {'farmer': True, 'buyer': False, 'transporter': False},
            'account_type': "whatsapp_managed",
            'is_placeholder_account': True, # Indicates this was admin-created before web registration
            'can_login_webapp': False, # Cannot log in to web app yet
            'managed_by_admin_uid': admin_uid,
            'created_at': datetime.now(timezone.utc).isoformat(),
            'created_by_admin_uid': admin_uid, # Explicitly track creator
            'whatsapp_interaction_log': [{ # Start a log
                'timestamp': datetime.now(timezone.utc).isoformat(),
                'action': 'account_created_by_admin',
                'admin_uid': admin_uid,
                'notes': f"Initial notes: {initial_notes}" if initial_notes else "Account created."
            }]
        }

        db.reference(f'users/{farmer_uid}', app=db_app).set(profile_data)

        return jsonify({
            'success': True,
            'message': f'WhatsApp-managed farmer account created for {name} ({phone_number}).',
            'farmer_uid': farmer_uid,
            'profile': profile_data
        }), 201

    except Exception as e:
        return handle_route_errors(e, uid_context=admin_uid)

@app.route('/api/admin/whatsapp-farmers', methods=['GET'])
def admin_list_whatsapp_farmers():
    auth_header = request.headers.get('Authorization')
    admin_uid = None
    try:
        admin_uid = verify_admin(auth_header)
        if not FIREBASE_INITIALIZED:
            return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503

        users_ref = db.reference('users', app=db_app)
        # Querying for account_type. This requires an index on 'account_type' in Firebase rules for performance.
        # ".indexOn": ["account_type"] under your "users" rules.
        whatsapp_farmers_query = users_ref.order_by_child('account_type').equal_to('whatsapp_managed').get()

        whatsapp_farmers = whatsapp_farmers_query or {}

        return jsonify(whatsapp_farmers), 200

    except Exception as e:
        return handle_route_errors(e, uid_context=admin_uid)

@app.route('/api/admin/whatsapp-farmers/<farmer_uid>', methods=['GET'])
def admin_get_whatsapp_farmer(farmer_uid):
    auth_header = request.headers.get('Authorization')
    admin_uid = None
    try:
        admin_uid = verify_admin(auth_header)
        if not FIREBASE_INITIALIZED:
            return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503

        farmer_ref = db.reference(f'users/{farmer_uid}', app=db_app)
        farmer_data = farmer_ref.get()

        if not farmer_data or farmer_data.get('account_type') != 'whatsapp_managed':
            return jsonify({'error': 'WhatsApp-managed farmer not found or not of correct type.'}), 404

        return jsonify(farmer_data), 200

    except Exception as e:
        return handle_route_errors(e, uid_context=admin_uid)

@app.route('/api/admin/whatsapp-farmers/<farmer_uid>/update', methods=['PUT'])
def admin_update_whatsapp_farmer(farmer_uid):
    auth_header = request.headers.get('Authorization')
    admin_uid = None
    try:
        admin_uid = verify_admin(auth_header)
        if not FIREBASE_INITIALIZED:
            return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503

        farmer_ref = db.reference(f'users/{farmer_uid}', app=db_app)
        farmer_data = farmer_ref.get()

        if not farmer_data or farmer_data.get('account_type') != 'whatsapp_managed':
            return jsonify({'error': 'WhatsApp-managed farmer not found or not of correct type.'}), 404

        data = request.get_json()
        updates = {}
        allowed_fields_to_update = ['name', 'location', 'phone_number'] # Define what admin can change

        for field in allowed_fields_to_update:
            if field in data:
                updates[field] = data[field]

        if not updates and 'additional_notes' not in data : # Check if any valid fields or notes are provided
             return jsonify({'error': 'No valid fields to update or notes provided.'}), 400

        # Log the update action
        if data.get('additional_notes'):
            log_entry_key = db.reference(f'users/{farmer_uid}/whatsapp_interaction_log', app=db_app).push().key
            log_entry = {
                'timestamp': datetime.now(timezone.utc).isoformat(),
                'action': 'admin_update_notes',
                'admin_uid': admin_uid,
                'notes': data.get('additional_notes')
            }
            # To add to the log, we need to fetch existing logs or use a transaction if it's critical
            # For simplicity here, we'll just push a new entry.
            # If you want to update the main profile and add a log entry atomically,
            # you'd construct a single update payload for farmer_ref.update()
            db.reference(f'users/{farmer_uid}/whatsapp_interaction_log/{log_entry_key}', app=db_app).set(log_entry)


        if updates: # If there are profile fields to update
            updates['last_updated_by_admin_uid'] = admin_uid
            updates['last_updated_at'] = datetime.now(timezone.utc).isoformat()
            farmer_ref.update(updates)

        updated_farmer_data = farmer_ref.get() # Get the latest data

        return jsonify({
            'success': True,
            'message': f'WhatsApp-managed farmer {farmer_uid} updated.',
            'profile': updated_farmer_data
        }), 200

    except Exception as e:
        return handle_route_errors(e, uid_context=admin_uid)

#--- END OF WHATSAPP-MANAGED FARMER ACCOUNT ENDPOINTS ---
@app.route('/api/admin/deals/pending', methods=['GET'])
def admin_get_pending_deals():
    auth_header = request.headers.get('Authorization')
    admin_uid = None
    try:
        admin_uid, _, _ = verify_admin_or_facilitator(auth_header)
        if not FIREBASE_INITIALIZED: return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503
        deals_ref = db.reference('deals', app=db_app).order_by_child('status').equal_to('accepted_by_farmer')
        return jsonify(deals_ref.get() or {}), 200
    except Exception as e: return handle_route_errors(e, uid_context=admin_uid)

@app.route('/api/admin/deals/action/<deal_id>', methods=['POST'])
def admin_action_on_deal(deal_id):
    auth_header = request.headers.get('Authorization')
    reviewer_uid = None
    try:
        reviewer_uid, _, _ = verify_admin_or_facilitator(auth_header)
        if not FIREBASE_INITIALIZED: return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503
        data = request.get_json(); action = data.get('action')
        if action not in ['approve', 'reject']: return jsonify({'error': 'Invalid action.'}), 400
        deal_ref = db.reference(f'deals/{deal_id}', app=db_app); deal_data = deal_ref.get()
        if not deal_data or deal_data.get('status') != 'accepted_by_farmer': return jsonify({'error': 'Deal not found or not in correct state for admin action'}), 404
        update_time = datetime.now(timezone.utc).isoformat()
        farmer_id, buyer_id = deal_data.get('farmer_id'), deal_data.get('buyer_id')
        message_text = "" # Renamed
        if action == 'approve':
            deal_ref.update({'status': 'active', 'admin_approved_by': reviewer_uid, 'admin_approved_at': update_time})
            message_text = f"Your deal (ID: {deal_id}) has been approved by admin and is now active."
        elif action == 'reject':
            deal_ref.update({'status': 'rejected_by_admin', 'admin_rejected_by': reviewer_uid, 'admin_rejected_at': update_time})
            message_text = f"Your deal (ID: {deal_id}) has been rejected by admin."
        if message_text:
            _send_system_notification(farmer_id, message_text, "deal_status_update", f"/deals/{deal_id}")
            _send_system_notification(buyer_id, message_text, "deal_status_update", f"/deals/{deal_id}")
        return jsonify({'success': True, 'message': message_text or "Action processed."}), 200
    except Exception as e: return handle_route_errors(e, uid_context=reviewer_uid)

@app.route('/api/chat/send', methods=['POST'])
def send_chat_message():
    auth_header = request.headers.get('Authorization');
    uid = None
    try:
        uid = verify_token(auth_header)
        if not FIREBASE_INITIALIZED: return jsonify({'error': 'Server configuration error'}), 503
        data = request.get_json(); chat_room_id, msg_text = data.get('chat_room_id'), data.get('message_text')
        if not chat_room_id or not msg_text: return jsonify({'error': 'chat_room_id and message_text required'}), 400
        message_id = str(uuid.uuid4())
        message_data = {'sender_id': uid, 'text': msg_text, 'timestamp': datetime.now(timezone.utc).isoformat()}
        db.reference(f'chat_messages/{chat_room_id}/{message_id}', app=db_app).set(message_data)
        return jsonify({'success': True, 'message_id': message_id}), 201
    except Exception as e: return handle_route_errors(e, uid_context=uid)

@app.route('/api/chat/<chat_room_id>', methods=['GET'])
def get_chat_messages(chat_room_id):
    auth_header = request.headers.get('Authorization');
    uid = None
    try:
        uid = verify_token(auth_header)
        if not FIREBASE_INITIALIZED: return jsonify({'error': 'Server configuration error'}), 503
        messages_ref = db.reference(f'chat_messages/{chat_room_id}', app=db_app).order_by_child('timestamp')
        return jsonify(messages_ref.get() or {}), 200
    except Exception as e: return handle_route_errors(e, uid_context=uid)

@app.route('/api/admin/notifications/send', methods=['POST'])
def admin_send_notification():
    auth_header = request.headers.get('Authorization')
    admin_uid = None
    try:
        admin_uid = verify_admin(auth_header)
        if not FIREBASE_INITIALIZED: return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503
        
        data = request.get_json()
        message_content = data.get('message') # For the in-app notification
        target_group = data.get('target_group', 'all')
        target_users_list = data.get('target_users', [])
        
        # New email-specific fields from frontend
        send_as_email = data.get('send_as_email', False)
        email_subject = data.get('email_subject')
        email_body_html = data.get('email_body_html')

        if not message_content:
            return jsonify({'error': 'In-app notification message is required'}), 400
        if send_as_email and (not email_subject or not email_body_html):
            return jsonify({'error': 'If sending as email, email_subject and email_body_html are required.'}), 400

        recipients_uids = set()
        all_users_data = db.reference('users', app=db_app).get() or {}
        
        if target_users_list and isinstance(target_users_list, list):
            for uid_target in target_users_list:
                if uid_target in all_users_data: recipients_uids.add(uid_target)
        elif target_group == 'all':
            recipients_uids.update(all_users_data.keys())
        elif target_group in ['farmers', 'buyers', 'transporters']:
            role_key = target_group[:-1] # 'farmers' -> 'farmer'
            for uid_loop, u_data in all_users_data.items():
                if u_data and u_data.get('roles', {}).get(role_key, False):
                    recipients_uids.add(uid_loop)
        else:
            return jsonify({'error': 'Invalid target_group or target_users not provided correctly'}), 400
        
        sent_count = 0
        for uid_recipient in recipients_uids:
            # Call the upgraded notification function with all parameters
            if _send_system_notification(
                user_id=uid_recipient,
                message_content=message_content,
                notif_type="admin_broadcast",
                send_email=send_as_email,
                email_subject=email_subject,
                email_body=email_body_html
            ):
                sent_count += 1
                
        return jsonify({'success': True, 'message': f"Broadcast notification dispatched for {sent_count} user(s)."}), 200
        
    except Exception as e:
        return handle_route_errors(e, uid_context=admin_uid)

@app.route('/api/user/notifications', methods=['GET'])
def get_user_notifications():
    auth_header = request.headers.get('Authorization');
    uid = None
    try:
        if not FIREBASE_INITIALIZED: return jsonify({'error': 'Server configuration error'}), 503
        uid = verify_token(auth_header)
        if not uid: return jsonify({'error': 'Authentication required.'}), 401
        notifications_ref = db.reference(f'notifications/{uid}', app=db_app).order_by_child('created_at')
        user_notifications = notifications_ref.get() or {}
        sorted_notifications = sorted(user_notifications.items(), key=lambda item: item[1]['created_at'], reverse=True)
        return jsonify(dict(sorted_notifications)), 200
    except Exception as e: return handle_route_errors(e, uid_context=uid)

@app.route('/api/user/notifications/<notification_id>/read', methods=['POST'])
def mark_notification_read(notification_id):
    auth_header = request.headers.get('Authorization');
    uid = None
    try:
        uid = verify_token(auth_header)
        if not FIREBASE_INITIALIZED: return jsonify({'error': 'Server configuration error'}), 503
        notif_ref = db.reference(f'notifications/{uid}/{notification_id}', app=db_app)
        if not notif_ref.get(): return jsonify({'error': 'Notification not found'}), 404
        notif_ref.update({'read': True, 'read_at': datetime.now(timezone.utc).isoformat()})
        return jsonify({'success': True, 'message': 'Notification marked as read.'}), 200
    except Exception as e: return handle_route_errors(e, uid_context=uid)

# Helper for AI chat to fetch platform data
def _fetch_platform_data_for_chat(query):
    if not FIREBASE_INITIALIZED: return "Firebase not ready.", False

    listings_ref = db.reference('listings', app=db_app).order_by_child('status').equal_to('active')
    all_active_listings = listings_ref.get() or {}

    relevant_listings = []
    query_lower = query.lower()

    for lid, ldata in all_active_listings.items():
        if not ldata: continue
        crop_type = ldata.get('crop_type', '').lower()
        location = ldata.get('location', '').lower()
        listing_type = ldata.get('listing_type', '')

        # Simple keyword matching for demonstration
        if any(keyword in query_lower for keyword in [crop_type, location, listing_type, 'maize', 'beans', 'harare', 'bulawayo']):
            relevant_listings.append(ldata)

    if not relevant_listings:
        return "No active listings found matching your query.", False

    summary = "Active Listings:\n"
    for l in relevant_listings[:5]: # Limit to top 5 for brevity
        summary += f"- {l.get('crop_type')} ({l.get('listing_type')}) in {l.get('location')}, Qty: {l.get('quantity')}, Price: {l.get('asking_price') or l.get('price_range')}\n"

    return summary, True

# Helper for AI chat to fetch price trends
def _get_price_trend_analysis_for_chat(crop_type=None, location=None):
    if not FIREBASE_INITIALIZED: return "Firebase not ready.", False
    if not gemini_client: return "AI service not available for trend analysis.", False

    all_deals = db.reference('deals', app=db_app).order_by_child('status').equal_to('completed').get() or {}
    price_data_points = []
    for deal_id, deal in all_deals.items():
        if not deal: continue
        listing_id = deal.get('listing_id')
        listing_details = db.reference(f'listings/{listing_id}', app=db_app).get() if listing_id else None
        if listing_details:
            deal_crop_type, deal_location = listing_details.get('crop_type'), listing_details.get('location')
            if crop_type and deal_crop_type and deal_crop_type.lower() != crop_type.lower(): continue
            if location and deal_location and deal_location.lower() != location.lower(): continue
            price_data_points.append({
                'price': deal.get('agreed_price') or deal.get('proposed_price'),
                'quantity': deal.get('agreed_quantity') or deal.get('proposed_quantity'),
                'date': deal.get('admin_approved_at') or deal.get('created_at'),
                'crop': deal_crop_type, 'location': deal_location
            })

    if not price_data_points:
        return "Not enough historical data to generate price trends for the specified criteria.", False

    data_summary_for_gemini = f"Recent transactions for {crop_type or 'various crops'} in {location or 'various locations'}:\n"
    for point in price_data_points[:10]: # Limit data sent to Gemini
        data_summary_for_gemini += f"- Crop: {point.get('crop')}, Price: {point.get('price')}, Qty: {point.get('quantity')}, Date: {point.get('date')}, Loc: {point.get('location')}\n"

    prompt = f"""
    Analyze agricultural transaction data for Tunasonga Agri. Provide brief price trend analysis (increasing, decreasing, stable? patterns?).
    Focus on {crop_type if crop_type else 'common crops'}. Be concise for farmers/buyers. State if data is sparse.
    Data: {data_summary_for_gemini}
    Analysis:
    """
    try:
        response_obj = gemini_client.models.generate_content(model='gemini-2.0-flash', contents=[{'parts': [{'text': prompt}]}])
        return response_obj.text.strip(), True
    except Exception as e:
        logger.error(f"Gemini error during price trend analysis: {e}")
        return "Could not generate price trend analysis at this time due to an AI service error.", False


@app.route('/api/market/prices/trends', methods=['GET'])
def get_price_trends():
    uid_context = "public_price_trends"
    response_obj = None
    try:
        if not gemini_client: return jsonify({'error': 'AI service not available.'}), 503
        if not FIREBASE_INITIALIZED: return jsonify({'error': 'Server configuration error: Firebase not ready.'}), 503
        crop_type, location = request.args.get('crop_type'), request.args.get('location')

        trend_analysis, success = _get_price_trend_analysis_for_chat(crop_type, location)

        if not success:
            return jsonify({'message': trend_analysis}), 200 # trend_analysis contains the error message

        return jsonify({'crop_type': crop_type, 'location': location, 'trend_analysis': trend_analysis}), 200
    except AttributeError as ae:
        logger.error(f"Gemini Response Attribute Error in get_price_trends: {ae}. Response object: {response_obj}")
        try: trend_analysis = response_obj.candidates[0].content.parts[0].text if response_obj and response_obj.candidates else "Error processing AI structure."
        except Exception: trend_analysis = "Error processing AI response structure."
        return jsonify({'crop_type': crop_type, 'location': location, 'trend_analysis': trend_analysis, 'error_detail': str(ae)}), 200
    except Exception as e: return handle_route_errors(e, uid_context=uid_context)

@app.route("/api/ai/chat", methods=["POST"])
def ai_chat():
    auth_header = request.headers.get("Authorization", "")
    uid = None
    intent = "general_agri_info"  # start with a valid default rather than "unknown"
    try:
        if not FIREBASE_INITIALIZED or not gemini_client:
            return jsonify({'error': 'Server or AI service not ready.'}), 503
        
        uid = verify_token(auth_header)

        data = request.get_json()
        if not data:
            return jsonify({"error": "Invalid request data."}), 400

        user_message = data.get("message", "").strip()
        if not user_message:
            return jsonify({"error": "Message cannot be empty."}), 400

        # 1) Build a more constrained classification prompt
        classify_prompt = f"""
Classify the user’s query into exactly one of these categories (and nothing else):
platform_data_query
price_trend_query
general_agri_info
other

User Query: "{user_message}"

Return exactly one of the four category names above, with no extra words or punctuation.
"""
        # 2) Call Gemini for classification, with explicit logging
        try:
            response_obj_gemini = gemini_client.models.generate_content(
                model='gemini-2.0-flash',
                contents=[{'parts': [{'text': classify_prompt}]}]
            )
            raw_intent = response_obj_gemini.text or ""
        except Exception as classify_ex:
            logger.error(f"Classification call failed: {classify_ex}")
            raw_intent = ""
        # 3) Normalize and validate
        normalized = raw_intent.strip().replace('"', '').lower()
        valid_intents = ["platform_data_query", "price_trend_query", "general_agri_info", "other"]
        if normalized in valid_intents:
            intent = normalized
        else:
            logger.warning(f"Unexpected or empty classification '{raw_intent}'. Defaulting intent to general_agri_info.")
            intent = "general_agri_info"

        # 4) Build context based on intent...
        context_for_gemini = ""
        if intent == "platform_data_query":
            platform_data_summary, _ = _fetch_platform_data_for_chat(user_message)
            if platform_data_summary:
                context_for_gemini += f"Current Platform Data Context:\n{platform_data_summary}\n\n"
        elif intent == "price_trend_query":
            # … trend logic …
            trend_analysis_summary, _ = _get_price_trend_analysis_for_chat(...)
            if trend_analysis_summary:
                context_for_gemini += f"Price Trend Analysis Context:\n{trend_analysis_summary}\n\n"

        # 5) Main answer prompt
        main_prompt = f"""
You are Tunasonga Agri Assistant, an AI for an agricultural marketplace in Zimbabwe and SADC.
Your goal is to provide helpful, concise, and accurate information. Your persona is professional, friendly, and supportive of farmers and agri-businesses.
The user's original query intent was classified as: {intent}
{context_for_gemini}
Based on the user's query and any provided context above, please formulate your answer to the user.
User Query: "{user_message}"
Specific Instructions based on intent:
- If the intent was 'platform_data_query': Use the "Current Platform Data Context" to answer. If the context says no items were found, relay that and suggest they browse the marketplace or refine their search. Do not invent listings.
- If the intent was 'price_trend_query': Use the "Price Trend Analysis Context". If the context says trends couldn't be generated, relay that. Do not invent trends.
- For 'general_agri_info': Use your broad agricultural knowledge. Focus on practices relevant to the SADC region, smallholder farmers, climate-smart agriculture, market access, and agri-business development. Provide actionable advice if possible.
- If the query is unclear, classified as "other", or if the context is insufficient for a specific query: Provide a polite general response, ask for clarification, or gently guide the user on how you can help (e.g., "I can help with finding produce, getting price trends, or general farming advice. What would you like to know?").
Keep your answers clear and easy to understand. Avoid overly technical jargon unless necessary and explain it.
Answer:
"""
        
        try:
            response_obj_gemini = gemini_client.models.generate_content(
                model='gemini-2.0-flash',
                contents=[{'parts': [{'text': main_prompt}]}]
            )
            ai_response_text = response_obj_gemini.text.strip() or "I’m having trouble generating a response right now."
        except Exception as answer_ex:
            logger.error(f"Answer generation failed: {answer_ex}")
            ai_response_text = "I’m having trouble generating a response right now."

        # 6) Save to Firebase history
        try:
            db.reference(f'ai_chat_history/{uid}/{str(uuid.uuid4())}', app=db_app).set({
                'user_message': user_message,
                'ai_response': ai_response_text,
                'intent_classified': intent,
                'timestamp': datetime.now(timezone.utc).isoformat()
            })
        except Exception as chat_history_error:
            logger.error(f"Failed to store chat history for UID {uid}: {chat_history_error}")

        # 7) Return JSON with valid intent
        return jsonify({"response": ai_response_text, "intent": intent})

    except AttributeError as ae:
        # In this branch, always return a valid default intent
        logger.error(f"AttributeError in ai_chat (UID: {uid}): {ae}")
        ai_response_text = "I’m having a little trouble understanding that. Could you try rephrasing?"
        return jsonify({"response": ai_response_text, "intent": "general_agri_info", "error_detail": "AI_RESPONSE_FORMAT_ISSUE"}), 200
    except Exception as e:
        # For any other exception, ensure we return a valid intent instead of "unknown"
        logger.error(f"Unhandled exception in ai_chat (UID: {uid}): {e}")
        return jsonify({"error": str(e), "intent": "general_agri_info"}), 500

@app.route('/api/user/ai-chat-history', methods=['GET'])
def get_ai_chat_history():
    auth_header = request.headers.get('Authorization');
    uid = None
    try:
        if not FIREBASE_INITIALIZED: return jsonify({'error': 'Server configuration error'}), 503
        uid = verify_token(auth_header)
        if not uid: return jsonify({'error': 'Authentication required.'}), 401
        history_ref = db.reference(f'ai_chat_history/{uid}', app=db_app).order_by_child('timestamp')
        chat_history = history_ref.get() or {}
        sorted_history = sorted(chat_history.items(), key=lambda item: item[1]['timestamp'], reverse=True)
        return jsonify(dict(sorted_history)), 200
    except Exception as e: return handle_route_errors(e, uid_context=uid)

        
@app.route('/api/deals/<deal_id>/payment/initiate', methods=['POST'])
def initiate_payment(deal_id):
    auth_header = request.headers.get('Authorization')
    buyer_uid = None
    try:
        if not paynow_client:
            return jsonify({'error': 'Payment service is not configured.'}), 503
        
        buyer_uid = verify_token(auth_header)
        
        deal_ref = db.reference(f'deals/{deal_id}', app=db_app)
        deal_data = deal_ref.get()

        # --- SURGICAL VALIDATION ---
        if not deal_data:
            return jsonify({'error': 'Deal not found.'}), 404
        if deal_data.get('buyer_id') != buyer_uid:
            return jsonify({'error': 'You are not authorized to pay for this deal.'}), 403
        if deal_data.get('status') != 'active':
            return jsonify({'error': 'This deal is not active and cannot be paid for.'}), 400
        if deal_data.get('payment', {}).get('status') == 'paid':
            return jsonify({'error': 'This deal has already been paid for.'}), 400

        # --- BACKEND CALCULATION ---
        price = float(deal_data['proposed_price'])
        quantity = int(deal_data['proposed_quantity'])
        total_amount = round(price * quantity, 2)

        # Create a new payment object
        payment = paynow_client.create_payment(
            f"TNSG-{deal_id}",  # A unique reference for this transaction
            deal_data.get('buyer_email', 'buyer@example.com') # Get buyer email if stored, otherwise a placeholder
        )
        payment.add(f"Deal {deal_id} for {deal_data.get('crop_type', 'produce')}", total_amount)

        # Send the payment to Paynow
        response = paynow_client.send(payment)

        if not response.success:
            logger.error(f"Paynow initiation failed for deal {deal_id}: {response.error}")
            return jsonify({'error': 'Failed to initiate payment with the provider.', 'details': response.error}), 500

        # --- UPDATE FIREBASE BEFORE REDIRECT ---
        payment_update_payload = {
            "status": "pending",
            "paynow_reference": response.paynow_reference,
            "poll_url": response.poll_url,
            "amount": total_amount,
            "currency": "USD", # Or make this dynamic if needed
            "initiated_at": datetime.now(timezone.utc).isoformat()
        }
        deal_ref.child('payment').set(payment_update_payload)

        # Return the redirect URL to the frontend
        return jsonify({
            'success': True, 
            'message': 'Payment initiated. Redirecting...',
            'redirect_url': response.redirect_url
        }), 200

    except Exception as e:
        return handle_route_errors(e, uid_context=buyer_uid)

@app.route('/api/payment/webhook/paynow', methods=['POST'])
def paynow_webhook():
    try:
        # The Paynow SDK does not have a built-in webhook handler, so we do it manually.
        # This is a simplified representation. Refer to Paynow docs for the exact fields and hash method.
        paynow_data = request.form.to_dict() # Paynow sends form data
        logger.info(f"Received Paynow webhook: {paynow_data}")

        paynow_reference = paynow_data.get('paynowreference')
        merchant_reference = paynow_data.get('reference') # This is our "TNSG-deal_id"
        status = paynow_data.get('status', '').lower()
        received_hash = paynow_data.get('hash')

        # --- CRITICAL: HASH VERIFICATION ---
        # You MUST generate a hash from the received data using your Integration Key
        # and compare it to the received_hash. If they don't match, discard the request.
        # Example (pseudo-code, check Paynow docs for exact implementation):
        # calculated_hash = generate_hash(paynow_data, PAYNOW_INTEGRATION_KEY)
        # if calculated_hash != received_hash:
        #     logger.warning("Invalid hash on Paynow webhook. Discarding.")
        #     return jsonify({'error': 'Invalid hash'}), 403

        if not merchant_reference or not merchant_reference.startswith('TNSG-'):
            return jsonify({'error': 'Invalid reference format'}), 400

        deal_id = merchant_reference.split('TNSG-')[1]
        deal_ref = db.reference(f'deals/{deal_id}', app=db_app)
        deal_data = deal_ref.get()

        if not deal_data:
            logger.error(f"Webhook for non-existent deal {deal_id} received.")
            return jsonify({'error': 'Deal not found'}), 404
        
        # Prevent processing old webhooks if deal is already paid
        if deal_data.get('payment', {}).get('status') == 'paid':
             logger.info(f"Webhook for already paid deal {deal_id} received. Ignoring.")
             return jsonify({'status': 'ok'}), 200

        payment_update_payload = {
            "status": status,
            "completed_at": datetime.now(timezone.utc).isoformat()
        }
        deal_ref.child('payment').update(payment_update_payload)
        
        # --- NOTIFY USERS BASED ON STATUS ---
        if status == 'paid':
            farmer_id = deal_data.get('farmer_id')
            buyer_id = deal_data.get('buyer_id')
            
            # Find admins to notify
            admins_ref = db.reference('users', app=db_app).order_by_child('is_admin').equal_to(True).get()

            success_message = f"Payment for deal {deal_id} has been successfully received."
            
            _send_system_notification(buyer_id, f"Your payment for deal {deal_id} was successful.", "payment_success", f"/deals/{deal_id}")
            _send_system_notification(farmer_id, success_message, "payment_received", f"/deals/{deal_id}")
            if admins_ref:
                for admin_id, _ in admins_ref.items():
                    _send_system_notification(admin_id, success_message, "admin_payment_notification", f"/admin/deals/{deal_id}")

        # Acknowledge receipt to Paynow
        return jsonify({'status': 'ok'}), 200

    except Exception as e:
        logger.error(f"Error in Paynow webhook: {e}\n{traceback.format_exc()}")
        return jsonify({'error': 'Internal server error'}), 500


if __name__ == '__main__':
    app.run(debug=True, host="0.0.0.0", port=int(os.getenv("PORT", 7860)))