'use strict';

exports = module.exports = {
    canEditProfile,
    get,
    setDisplayName,
    setEmail,
    setFallbackEmail,
    getAvatarById,
    setAvatar,
    unsetAvatar,
    setLanguage,
    getBackgroundImage,
    setBackgroundImage,
    unsetBackgroundImage,
    setPassword,
    setTwoFactorAuthenticationSecret,
    enableTwoFactorAuthentication,
    disableTwoFactorAuthentication,
    setNotificationConfig,
    destroyUserSession
};

const assert = require('node:assert'),
    AuditSource = require('../auditsource.js'),
    BoxError = require('../boxerror.js'),
    HttpError = require('@cloudron/connect-lastmile').HttpError,
    HttpSuccess = require('@cloudron/connect-lastmile').HttpSuccess,
    oidcServer = require('../oidcserver.js'),
    safe = require('safetydance'),
    tokens = require('../tokens.js'),
    userDirectory = require('../user-directory.js'),
    users = require('../users.js'),
    settings = require('../settings.js');

async function canEditProfile(req, res, next) {
    assert.strictEqual(typeof req.user, 'object');

    const [error, profileConfig] = await safe(userDirectory.getProfileConfig());
    if (error) return next(BoxError.toHttpError(error));

    if (profileConfig.lockUserProfiles) return next(new HttpError(403, 'admin has disallowed users from editing profiles'));

    next();
}

async function get(req, res, next) {
    assert.strictEqual(typeof req.user, 'object');

    const [error, backgroundImage] = await safe(users.getBackgroundImage(req.user));
    if (error) return next(BoxError.toHttpError(error));

    next(new HttpSuccess(200, {
        id: req.user.id,
        username: req.user.username,
        email: req.user.email,
        fallbackEmail: req.user.fallbackEmail,
        displayName: req.user.displayName,
        twoFactorAuthenticationEnabled: req.user.twoFactorAuthenticationEnabled,
        role: req.user.role,
        source: req.user.source,
        hasBackgroundImage: !!backgroundImage,
        language: req.user.language || await settings.get(settings.LANGUAGE_KEY),
        notificationConfig: req.user.notificationConfig,
    }));
}

async function setEmail(req, res, next) {
    assert.strictEqual(typeof req.user, 'object');
    assert.strictEqual(typeof req.body, 'object');

    if ('email' in req.body && typeof req.body.email !== 'string') return next(new HttpError(400, 'email must be string'));

    const [error] = await safe(users.update(req.user, { email: req.body.email }, AuditSource.fromRequest(req)));
    if (error) return next(BoxError.toHttpError(error));

    next(new HttpSuccess(204));
}

async function setFallbackEmail(req, res, next) {
    assert.strictEqual(typeof req.user, 'object');
    assert.strictEqual(typeof req.body, 'object');

    if ('fallbackEmail' in req.body && typeof req.body.fallbackEmail !== 'string') return next(new HttpError(400, 'fallbackEmail must be string'));

    const [error] = await safe(users.update(req.user, { fallbackEmail: req.body.fallbackEmail }, AuditSource.fromRequest(req)));
    if (error) return next(BoxError.toHttpError(error));

    next(new HttpSuccess(204));
}

async function setDisplayName(req, res, next) {
    assert.strictEqual(typeof req.user, 'object');
    assert.strictEqual(typeof req.body, 'object');

    if ('displayName' in req.body && typeof req.body.displayName !== 'string') return next(new HttpError(400, 'displayName must be string'));

    const [error] = await safe(users.update(req.user, { displayName: req.body.displayName }, AuditSource.fromRequest(req)));
    if (error) return next(BoxError.toHttpError(error));

    next(new HttpSuccess(204));
}

async function setLanguage(req, res, next) {
    assert.strictEqual(typeof req.user, 'object');
    assert.strictEqual(typeof req.body, 'object');

    if (typeof req.body.language !== 'string') return next(new HttpError(400, 'language must be string'));

    const [error] = await safe(users.update(req.user, { language: req.body.language }, AuditSource.fromRequest(req)));
    if (error) return next(BoxError.toHttpError(error));

    next(new HttpSuccess(204));
}

async function setAvatar(req, res, next) {
    assert.strictEqual(typeof req.user, 'object');
    assert.strictEqual(typeof req.files, 'object');

    const avatar = safe.fs.readFileSync(req.files.avatar.path);
    safe.fs.unlinkSync(req.files.avatar.path);
    if (!avatar) return next(BoxError.toHttpError(new BoxError(BoxError.FS_ERROR, safe.error.message)));

    const [error] = await safe(users.setAvatar(req.user, avatar));
    if (error) return next(BoxError.toHttpError(error));

    next(new HttpSuccess(204, {}));
}

async function unsetAvatar(req, res, next) {
    assert.strictEqual(typeof req.user, 'object');

    const [error] = await safe(users.setAvatar(req.user, null));
    if (error) return next(BoxError.toHttpError(error));

    next(new HttpSuccess(204, {}));
}

async function getAvatarById(req, res, next) {
    assert.strictEqual(typeof req.params, 'object');

    const [userError, user] = await safe(users.get(req.params.identifier));
    if (userError) return next(BoxError.toHttpError(userError));
    if (!user) return next(new HttpError(404, 'no avatar'));

    const [avatarError, avatar] = await safe(users.getAvatar(user));
    if (avatarError) return next(BoxError.toHttpError(avatarError));
    if (!avatar) return next(new HttpError(404, 'no avatar'));

    res.set('Content-Type', 'image/png');
    res.status(200).send(avatar);
}

async function setBackgroundImage(req, res, next) {
    assert.strictEqual(typeof req.user, 'object');
    assert.strictEqual(typeof req.files, 'object');

    if (!req.files.backgroundImage) return next(new HttpError(400, 'backgroundImage must be provided'));
    const backgroundImage = safe.fs.readFileSync(req.files.backgroundImage.path);
    safe.fs.unlinkSync(req.files.backgroundImage.path);
    if (!backgroundImage) return next(BoxError.toHttpError(new BoxError(BoxError.FS_ERROR, safe.error.message)));

    const [error] = await safe(users.setBackgroundImage(req.user, backgroundImage));
    if (error) return next(BoxError.toHttpError(error));

    next(new HttpSuccess(200, {}));
}

async function unsetBackgroundImage(req, res, next) {
    assert.strictEqual(typeof req.user, 'object');

    const [error] = await safe(users.setBackgroundImage(req.user, null));
    if (error) return next(BoxError.toHttpError(error));

    next(new HttpSuccess(200, {}));
}

async function getBackgroundImage(req, res, next) {
    assert.strictEqual(typeof req.user, 'object');

    const [error, backgroundImage] = await safe(users.getBackgroundImage(req.user));
    if (error) return next(BoxError.toHttpError(error));

    if (!backgroundImage) return next(new HttpError(404, 'no background set'));

    res.set('Cache-Control', 'no-cache');
    res.set('Content-Type', 'image/webp');

    res.status(200).send(backgroundImage);
}

async function setPassword(req, res, next) {
    assert.strictEqual(typeof req.body, 'object');
    assert.strictEqual(typeof req.user, 'object');

    if (typeof req.body.newPassword !== 'string') return next(new HttpError(400, 'newPassword must be a string'));

    const [error] = await safe(users.setPassword(req.user, req.body.newPassword, AuditSource.fromRequest(req)));
    if (error) return next(BoxError.toHttpError(error));

    next(new HttpSuccess(204));
}

async function setTwoFactorAuthenticationSecret(req, res, next) {
    assert.strictEqual(typeof req.user, 'object');

    const [error, result] = await safe(users.setTwoFactorAuthenticationSecret(req.user, AuditSource.fromRequest(req)));
    if (error) return next(BoxError.toHttpError(error));

    next(new HttpSuccess(200, { secret: result.secret, qrcode: result.qrcode }));
}

async function enableTwoFactorAuthentication(req, res, next) {
    assert.strictEqual(typeof req.body, 'object');
    assert.strictEqual(typeof req.user, 'object');

    if (!req.body.totpToken || typeof req.body.totpToken !== 'string') return next(new HttpError(400, 'totpToken must be a nonempty string'));

    const [error] = await safe(users.enableTwoFactorAuthentication(req.user, req.body.totpToken, AuditSource.fromRequest(req)));
    if (error) return next(BoxError.toHttpError(error));

    next(new HttpSuccess(204, {}));
}

async function disableTwoFactorAuthentication(req, res, next) {
    assert.strictEqual(typeof req.user, 'object');

    const [error] = await safe(users.disableTwoFactorAuthentication(req.user, AuditSource.fromRequest(req)));
    if (error) return next(BoxError.toHttpError(error));

    next(new HttpSuccess(204, {}));
}

async function setNotificationConfig(req, res, next) {
    assert.strictEqual(typeof req.body, 'object');
    assert.strictEqual(typeof req.user, 'object');

    if (!Array.isArray(req.body.notificationConfig)) return next(new HttpError(400, 'notificationConfig must be an array of strings'));
    if (req.body.notificationConfig.some(k => typeof k !== 'string')) return next(new HttpError(400, 'notificationConfig must be an array of strings'));

    const [error] = await safe(users.setNotificationConfig(req.user, req.body.notificationConfig, AuditSource.fromRequest(req)));
    if (error) return next(BoxError.toHttpError(error));

    next(new HttpSuccess(204, {}));
}

async function destroyUserSession(req, res, next) {
    assert.strictEqual(typeof req.user, 'object');

    const [error] = await safe(oidcServer.revokeByUsername(req.user.username));
    if (error) return next(BoxError.toHttpError(error));

    await safe(tokens.del(req.token.id));

    next(new HttpSuccess(204));
}