# frozen_string_literal: true

class UsersController < ApplicationController

  helper PaginableHelper
  helper PermsHelper
  include ConditionalUserMailer
  after_action :verify_authorized
  respond_to :html

  ##
  # GET - List of all users for an organisation
  # Displays number of roles[was project_group], name, email, and last sign in
  def admin_index
    authorize User
    if current_user.can_super_admin?
      @users = User.page(1)
    else
      @users = current_user.org.users.page(1)
    end
  end

  ##
  # GET - Displays the permissions available to the selected user
  # Permissions which the user already has are pre-selected
  # Selecting new permissions and saving calls the admin_update_permissions action
  def admin_grant_permissions
    user = User.find(params[:id])
    authorize user

    # Super admin can grant any Perm, org admins can only grant Perms they
    # themselves have access to
    if current_user.can_super_admin?
      perms = Perm.all
    else
      perms = current_user.perms
    end

    render json: {
      "user" => {
        "id" => user.id,
        "html" => render_to_string(partial: "users/admin_grant_permissions",
                                   locals: { user: user, perms: perms },
                                   formats: [:html])
      }
    }.to_json
  end

  ##
  # POST - updates the permissions for a user
  # redirects to the admin_index action
  # should add validation that the perms given are current perms of the current_user
  def admin_update_permissions
    @user = User.find(params[:id])
    authorize @user
    perms_ids = params[:perm_ids].blank? ? [] : params[:perm_ids].map(&:to_i)
    perms = Perm.where(id: perms_ids)
    privileges_changed = false
    current_user.perms.each do |perm|
      if @user.perms.include? perm
        if ! perms.include? perm
          @user.perms.delete(perm)
          if perm.id == Perm.use_api.id
            @user.remove_token!
          end
          privileges_changed = true
        end
      else
        if perms.include? perm
          @user.perms << perm
          if perm.id == Perm.use_api.id
            @user.keep_or_generate_token!
            privileges_changed = true
          end
        end
      end
    end

    if @user.save
      if privileges_changed
        deliver_if(recipients: @user, key: "users.admin_privileges") do |r|
          UserMailer.admin_privileges(r).deliver_now
        end
      end
      render(json: {
        code: 1,
        msg: success_message(_("permissions"), _("saved")),
        current_privileges: render_to_string(partial: "users/current_privileges",
                                             locals: { user: @user }, formats: [:html])
        })
    else
      render(json: { code: 0, msg: failed_update_error(@user, _("user")) })
    end
  end

  def update_email_preferences
    prefs = params[:prefs]
    authorize User
    pref = current_user.pref
    # does user not have prefs?
    if pref.blank?
      pref = Pref.new
      pref.settings = {}
      pref.user = current_user
    end
    pref.settings[:email] = booleanize_hash(prefs)
    pref.save

    # Include active tab in redirect path
    redirect_to "#{edit_user_registration_path}\#notification-preferences",
                notice: success_message(_("preferences"), _("saved"))
  end

  # PUT /users/:id/org_swap
  # -----------------------------------------------------
  def org_swap
    # Allows the user to swap their org affiliation on the fly
    authorize current_user
    begin
      org = Org.find(org_swap_params[:org_id])
    rescue ActiveRecord::RecordNotFound
      redirect_to(request.referer,
                  alert: _("Please select an organisation from the list")) and return
    end
    # rubocop:disable Metrics/LineLength
    if org.present?
      current_user.org = org
      if current_user.save
        redirect_to request.referer,
                    notice: _("Your organisation affiliation has been changed. You may now edit templates for %{org_name}.") % { org_name: current_user.org.name }
      else
        redirect_to request.referer,
                    alert: _("Unable to change your organisation affiliation at this time.")
      end
    else
      redirect_to request.referer, alert: _("Unknown organisation.")
    end
    # rubocop:enable Metrics/LineLength
  end

  # PUT /users/:id/activate
  # -----------------------------------------------------
  def activate
    authorize current_user

    user = User.find(params[:id])
    if user.present?
      begin
        user.active = !user.active
        user.save!
        render json: {
          code: 1,
          msg: _("Successfully %{action} %{username}'s account.") % {
            action: user.active ? _("activated") : _("deactivated"),
            username: user.name(false)
          }
        }
      rescue Exception
        render json: {
          code: 0,
          msg: _("Unable to %{action} %{username}") % {
            action: user.active ? _("activate") : _("deactivate"),
            username: user.name(false)
          }
        }
      end
    end
  end

  # POST /users/acknowledge_notification
  def acknowledge_notification
    authorize current_user
    @notification = Notification.find(params[:notification_id])
    current_user.acknowledge(@notification)
    render nothing: true
  end

  private

  def org_swap_params
    params.require(:user).permit(:org_id, :org_name)
  end

  ##
  # html forms return our boolean values as strings, this converts them to true/false
  def booleanize_hash(node)
    # leaf: convert to boolean and return
    # hash: iterate over leaves
    unless node.is_a?(Hash)
      return node == "true"
    end
    node.each do |key, value|
      node[key] = booleanize_hash(value)
    end
  end

end