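package net.curisit.securis.services;

import java.util.Date;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

import javax.inject.Inject;
import javax.inject.Provider;
import javax.persistence.EntityManager;
import javax.persistence.TypedQuery;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.FormParam;
import javax.ws.rs.GET;
import javax.ws.rs.HeaderParam;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;

import net.curisit.integrity.commons.Utils;
import net.curisit.securis.db.Organization;
import net.curisit.securis.db.User;
import net.curisit.securis.utils.TokenHelper;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import com.google.inject.persist.Transactional;

/**
 * JAX-RS resource for users: listing, lookup, create/modify/delete, and token based
 * login / token check / logout.
 *
 * <p>Several handlers accept the token header ({@link TokenHelper#TOKEN_HEADER_PÀRAM}) but do
 * not inspect it themselves; NOTE(review): authorization of these endpoints is presumably
 * enforced by a filter outside this class — confirm before relying on it.
 *
 * @author roberto
 */
@Path("/user")
public class UserResource {

    /** Response header carrying a short, client-readable error description. */
    private static final String ERROR_HEADER = "SECURIS_ERROR";

    private static final Logger log = LoggerFactory.getLogger(UserResource.class);

    @Inject
    TokenHelper tokenHelper;

    @Inject
    Provider<EntityManager> emProvider;

    public UserResource() {
    }

    /**
     * Lists every user returned by the {@code list-users} named query.
     *
     * @return 200 with the JSON list of users
     */
    @GET
    @Path("/")
    @Produces(MediaType.APPLICATION_JSON)
    public Response index() {
        log.info("Getting users list");
        EntityManager em = emProvider.get();
        TypedQuery<User> query = em.createNamedQuery("list-users", User.class);
        List<User> users = query.getResultList();
        return Response.ok(users).build();
    }

    /**
     * Looks a single user up by its id (the username).
     *
     * @param uid   the user id from the path; mandatory
     * @param token the auth token header (not inspected here)
     * @return 200 with the user, or 404 when the id is missing or unknown
     */
    @GET
    @Path("/{uid}")
    @Produces(MediaType.APPLICATION_JSON)
    public Response get(@PathParam("uid") String uid,
            @HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token) {
        log.info("Getting user data for id: {}", uid);
        if (uid == null || uid.isEmpty()) {
            log.error("User ID is mandatory");
            return Response.status(Status.NOT_FOUND).build();
        }
        EntityManager em = emProvider.get();
        User found = em.find(User.class, uid);
        if (found == null) {
            log.error("User with id {} not found in DB", uid);
            return Response.status(Status.NOT_FOUND).build();
        }
        return Response.ok(found).build();
    }

    /**
     * Creates a user, or delegates to {@link #modify} when a user with the same username
     * already exists.
     *
     * <p>{@code create} and {@code modify} delegate to each other based on whether the row
     * exists; each re-checks the DB first, so the hand-off terminates unless the row appears or
     * disappears between the two lookups.
     *
     * @param user  the JSON payload; its username is the primary key
     * @param token the auth token header (not inspected here)
     * @return 200 with the persisted user, 400 when the payload or username is missing,
     *         404 (with {@code SECURIS_ERROR}) when a referenced organization does not exist
     */
    @POST
    @Path("/")
    @Consumes(MediaType.APPLICATION_JSON)
    @Produces(MediaType.APPLICATION_JSON)
    @Transactional
    public Response create(User user, @HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token) {
        log.info("Creating new user");
        if (user == null || user.getUsername() == null || user.getUsername().isEmpty()) {
            // em.find(User.class, null) would throw; reject the request explicitly instead.
            log.error("User payload with a username is mandatory");
            return Response.status(Status.BAD_REQUEST).build();
        }
        EntityManager em = emProvider.get();
        User currentUser = em.find(User.class, user.getUsername());
        if (currentUser != null) {
            log.info("User with id {} was found in DB, we'll try to modify it", user.getUsername());
            return modify(user, user.getUsername(), token);
        }
        Set<Organization> orgs;
        try {
            orgs = resolveOrganizations(em, user.getOrgsIds());
        } catch (UnknownOrganizationException e) {
            return organizationNotFound(e);
        }
        // One timestamp for both fields so creation and modification agree exactly.
        Date now = new Date();
        user.setOrganizations(orgs);
        user.setCreationTimestamp(now);
        user.setModificationTimestamp(now);
        user.setLastLogin(null);
        em.persist(user);
        return Response.ok(user).build();
    }

    /**
     * Updates the user identified by {@code uid} from the payload, or delegates to
     * {@link #create} when no such user exists.
     *
     * <p>NOTE(review): the password is copied from the payload as received; whether it is hashed
     * before storage depends on {@link User} and is not visible here — confirm.
     *
     * @param user  the JSON payload with the new values
     * @param uid   the id (username) of the user to update
     * @param token the auth token header (not inspected here)
     * @return 200 with the updated user, 400 when the payload is missing,
     *         404 (with {@code SECURIS_ERROR}) when a referenced organization does not exist
     */
    @PUT
    @POST
    @Path("/{uid}")
    @Transactional
    @Consumes(MediaType.APPLICATION_JSON)
    @Produces(MediaType.APPLICATION_JSON)
    public Response modify(User user, @PathParam("uid") String uid,
            @HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token) {
        log.info("Modifying user with id: {}", uid);
        if (user == null) {
            log.error("User payload is mandatory");
            return Response.status(Status.BAD_REQUEST).build();
        }
        EntityManager em = emProvider.get();
        User currentUser = em.find(User.class, uid);
        if (currentUser == null) {
            log.info("User with id {} not found in DB, we'll try to create it", uid);
            return create(user, token);
        }
        Set<Organization> orgs;
        try {
            orgs = resolveOrganizations(em, user.getOrgsIds());
        } catch (UnknownOrganizationException e) {
            return organizationNotFound(e);
        }
        currentUser.setOrganizations(orgs);
        currentUser.setFirstName(user.getFirstName());
        currentUser.setLastName(user.getLastName());
        currentUser.setRoles(user.getRoles());
        currentUser.setLang(user.getLang());
        currentUser.setModificationTimestamp(new Date());
        currentUser.setPassword(user.getPassword());
        currentUser.setLastLogin(user.getLastLogin());
        em.persist(currentUser);
        return Response.ok(currentUser).build();
    }

    /**
     * Deletes the user identified by {@code uid}.
     *
     * @param uid     the id (username) of the user to delete
     * @param request the servlet request (unused)
     * @return 200 with {@code {success: true, id: uid}}, or 404 when the user does not exist
     */
    @DELETE
    @Path("/{uid}")
    @Transactional
    @Produces(MediaType.APPLICATION_JSON)
    public Response delete(@PathParam("uid") String uid, @Context HttpServletRequest request) {
        log.info("Deleting user with id: {}", uid);
        EntityManager em = emProvider.get();
        User user = em.find(User.class, uid);
        if (user == null) {
            log.error("User with id {} can not be deleted, It was not found in DB", uid);
            return Response.status(Status.NOT_FOUND).build();
        }
        em.remove(user);
        return Response.ok(Utils.createMap("success", true, "id", uid)).build();
    }

    /**
     * Issues a token for the given username.
     *
     * <p>NOTE(review): the supplied password is not compared against any stored credential in
     * this method — the only rejection is the literal {@code "no"}. Credential verification still
     * has to be added; the stored-password format is not visible in this file.
     *
     * @param user     the username form field
     * @param password the password form field; never logged
     * @param request  the servlet request
     * @return 200 with {@code {success: true, token: ...}}, or 401
     */
    @POST
    @Path("/login")
    @Produces(MediaType.APPLICATION_JSON)
    public Response login(@FormParam("username") String user, @FormParam("password") String password,
            @Context HttpServletRequest request) {
        log.info("login session: {}", request.getSession());
        log.info("login attempt for user: {}", user);
        log.debug("is user in role {}? {}", "advance", request.isUserInRole("advance"));
        if (user == null || user.isEmpty() || password == null) {
            return Response.status(Status.UNAUTHORIZED).build();
        }
        if ("no".equals(password)) {
            return Response.status(Status.UNAUTHORIZED).build();
        }
        String tokenAuth = tokenHelper.generateToken(user);
        return Response.ok(Utils.createMap("success", true, "token", tokenAuth)).build();
    }

    /**
     * Reports whether a token is valid. The token is taken from the header when present,
     * otherwise from the {@code token} query parameter.
     *
     * @param token  the token from the auth header, may be null
     * @param token2 the token from the query string, used when the header is absent
     * @return 403 when no token was supplied; otherwise 200 with
     *         {@code {valid, user, date, token}} where {@code valid} reflects
     *         {@link TokenHelper#isTokenValid}
     */
    @POST
    @Path("/check")
    @Produces(MediaType.APPLICATION_JSON)
    public Response check(@HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token,
            @QueryParam("token") String token2) {
        String candidate = token != null ? token : token2;
        if (candidate == null) {
            return Response.status(Status.FORBIDDEN).build();
        }
        String user = tokenHelper.extractUserFromToken(candidate);
        Date date = tokenHelper.extractDateCreationFromToken(candidate);
        boolean valid = tokenHelper.isTokenValid(candidate);
        // Log the outcome only; the token itself is a bearer credential and stays out of logs.
        log.info("Token check for user {} (issued {}): valid={}", user, date, valid);
        return Response.ok(Utils.createMap("valid", valid, "user", user, "date", date, "token", candidate))
                .build();
    }

    /**
     * Invalidates the current HTTP session.
     *
     * @param request the servlet request whose session is invalidated
     * @return 200 with no body
     */
    @GET
    @Path("/logout")
    @Produces(MediaType.APPLICATION_JSON)
    public Response logout(@Context HttpServletRequest request) {
        request.getSession().invalidate();
        return Response.ok().build();
    }

    /**
     * Signals that one of the organization ids supplied with a user payload has no matching row.
     */
    private static final class UnknownOrganizationException extends Exception {
        private static final long serialVersionUID = 1L;
        private final Integer orgId;

        UnknownOrganizationException(Integer orgId) {
            super("Organization not found with ID: " + orgId);
            this.orgId = orgId;
        }

        Integer getOrgId() {
            return orgId;
        }
    }

    /**
     * Resolves the organization ids carried by a user payload to managed entities.
     *
     * @param em      the entity manager used for the lookups
     * @param orgsIds the ids from the payload, may be null or empty
     * @return the resolved organizations, or {@code null} when no ids were supplied (callers store
     *         that {@code null} as the user's organization set, as the handlers always have)
     * @throws UnknownOrganizationException if any id has no matching organization
     */
    private static Set<Organization> resolveOrganizations(EntityManager em, List<Integer> orgsIds)
            throws UnknownOrganizationException {
        if (orgsIds == null || orgsIds.isEmpty()) {
            return null;
        }
        Set<Organization> orgs = new HashSet<>();
        for (Integer orgId : orgsIds) {
            Organization org = em.find(Organization.class, orgId);
            if (org == null) {
                throw new UnknownOrganizationException(orgId);
            }
            orgs.add(org);
        }
        return orgs;
    }

    /**
     * Builds the 404 response used by create/modify when a referenced organization is missing.
     *
     * @param e the failure carrying the offending id
     * @return 404 with the {@code SECURIS_ERROR} header describing the missing organization
     */
    private static Response organizationNotFound(UnknownOrganizationException e) {
        log.error("User organization with id {} not found in DB", e.getOrgId());
        return Response.status(Status.NOT_FOUND)
                .header(ERROR_HEADER, "User's organization not found with ID: " + e.getOrgId())
                .build();
    }
}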