<?php

namespace OCA\Memories\Controller;

use OCA\Files\Event\LoadSidebar;
use OCP\App\IAppManager;
use OCP\AppFramework\AuthPublicShareController;
use OCP\AppFramework\Http\ContentSecurityPolicy;
use OCP\AppFramework\Http\TemplateResponse;
use OCP\AppFramework\Services\IInitialState;
use OCP\EventDispatcher\IEventDispatcher;
use OCP\Files\NotFoundException;
use OCP\IConfig;
use OCP\IRequest;
use OCP\ISession;
use OCP\IURLGenerator;
use OCP\IUserManager;
use OCP\Share\IManager as IShareManager;
use OCP\Share\IShare;
use OCP\Util;

class PublicController extends AuthPublicShareController
{
    protected $appName;
    protected IEventDispatcher $eventDispatcher;
    protected IInitialState $initialState;
    protected IShareManager $shareManager;
    protected IUserManager $userManager;
    protected IAppManager $appManager;
    protected IConfig $config;

    protected IShare $share;

    public function __construct(
        string $AppName,
        IRequest $request,
        ISession $session,
        IURLGenerator $urlGenerator,
        IEventDispatcher $eventDispatcher,
        IInitialState $initialState,
        IShareManager $shareManager,
        IUserManager $userManager,
        IAppManager $appManager,
        IConfig $config
    ) {
        parent::__construct($AppName, $request, $session, $urlGenerator);
        $this->eventDispatcher = $eventDispatcher;
        $this->initialState = $initialState;
        $this->shareManager = $shareManager;
        $this->userManager = $userManager;
        $this->appManager = $appManager;
        $this->config = $config;
    }

    /**
     * @PublicPage
     *
     * @NoCSRFRequired
     *
     * Show the authentication page
     * The form has to submit to the authenticate method route
     */
    public function showAuthenticate(): TemplateResponse
    {
        $templateParameters = ['share' => $this->share];

        return new TemplateResponse('core', 'publicshareauth', $templateParameters, 'guest');
    }

    public function isValidToken(): bool
    {
        try {
            $this->share = $this->shareManager->getShareByToken($this->getToken());

            return true;
        } catch (\Exception $e) {
            return false;
        }
    }

    /**
     * @PublicPage
     *
     * @NoCSRFRequired
     */
    public function showShare(): TemplateResponse
    {
        \OC_User::setIncognitoMode(true);

        // Check whether share exists
        try {
            $share = $this->shareManager->getShareByToken($this->getToken());
        } catch (\Exception $e) {
            throw new NotFoundException();
        }

        if (!$this->validateShare($share)) {
            throw new NotFoundException();
        }

        // Scripts
        Util::addScript($this->appName, 'memories-main');
        $this->eventDispatcher->dispatchTyped(new LoadSidebar());

        // App version
        $this->initialState->provideInitialState('version', $this->appManager->getAppInfo('memories')['version']);

        $policy = new ContentSecurityPolicy();
        $policy->addAllowedWorkerSrcDomain("'self'");
        $policy->addAllowedScriptDomain("'self'");

        $response = new TemplateResponse($this->appName, 'main');
        $response->setContentSecurityPolicy($policy);

        return $response;
    }

    protected function showAuthFailed(): TemplateResponse
    {
        $templateParameters = ['share' => $this->share, 'wrongpw' => true];

        return new TemplateResponse('core', 'publicshareauth', $templateParameters, 'guest');
    }

    protected function verifyPassword(string $password): bool
    {
        return $this->shareManager->checkPassword($this->share, $password);
    }

    protected function getPasswordHash(): string
    {
        return $this->share->getPassword();
    }

    protected function isPasswordProtected(): bool
    {
        return null !== $this->share->getPassword();
    }

    /**
     * Validate the permissions of the share.
     *
     * @param Share\IShare $share
     *
     * @return bool
     */
    private function validateShare(IShare $share)
    {
        // If the owner is disabled no access to the linke is granted
        $owner = $this->userManager->get($share->getShareOwner());
        if (null === $owner || !$owner->isEnabled()) {
            return false;
        }

        // If the initiator of the share is disabled no access is granted
        $initiator = $this->userManager->get($share->getSharedBy());
        if (null === $initiator || !$initiator->isEnabled()) {
            return false;
        }

        return $share->getNode()->isReadable() && $share->getNode()->isShareable();
    }
}