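needlogin=true;
        $me = new User();
        $me->loadMe();
        $this->me = $me;
        $this->layout()->set("me", $me);
        if (!$me->isAdmin()) {
            // all users can call non-action methods
            if ($this->action != "" || $request != null) {
                $this->redirect("Dashboard");
            }
        }
    }

    /**
     * Admin-only user list.
     *
     * Renders User/Index with every user (or only those matching the optional
     * `filter` request parameter) plus all addresses for the form controls.
     *
     * @param mixed $request unused; input is read from $this->request
     * @throws Exception "Forbidden" (code 403) when the current user is not an admin
     */
    protected function indexAction($request)
    {
        if (!$this->isAdmin()) {
            throw new Exception("Forbidden", 403);
        }
        $this->layout()->setTemplate('User/Index');

        $filter = $this->request->filter;
        $users = $filter ? UserModel::search($filter) : UserModel::getAll();
        $this->layout()->set('users', $users);
        $this->layout()->set("addresses", AddressModel::getAll());
        $this->layout()->set("filter", $filter);
    }

    /**
     * Admin-only "new user" form.
     *
     * Pre-selects the address when `address_id` was passed in the request
     * (e.g. the form was opened from an address page).
     *
     * @param mixed $request unused; input is read from $this->request
     * @throws Exception "Forbidden" (code 403) when the current user is not an admin
     */
    protected function addAction($request)
    {
        if (!$this->isAdmin()) {
            throw new Exception("Forbidden", 403);
        }
        $this->layout()->setTemplate('User/Form');
        $this->layout()->set("addresses", AddressModel::getAll());
        if ($this->request->address_id) {
            $this->layout()->set("address_id", $this->request->address_id);
        }
    }

    /**
     * Admin-only "edit user" form for the user given by $request['id'].
     *
     * @param array $request request parameters; only 'id' is read
     * @throws Exception "Forbidden" (code 403) when the current user is not an admin
     * @throws Exception "User … not found" (code 604) when the id is not a positive
     *                   number or no user with that id loads
     */
    protected function editAction($request)
    {
        if (!$this->isAdmin()) {
            throw new Exception("Forbidden", 403);
        }
        $this->layout()->setTemplate('User/Form');

        $id = $request['id'];
        if (!is_numeric($id) || $id <= 0) {
            throw new Exception("User $id not found", 604);
        }
        $user = new User($id);
        // Same existence check deleteAction uses: fail like the malformed-id case
        // instead of rendering a form for a record that does not exist.
        if ($user->id != $id) {
            throw new Exception("User $id not found", 604);
        }
        $this->layout()->set('user', $user);
        $this->layout()->set("addresses", AddressModel::getAll());
    }

    /**
     * Profile view. Nothing is prepared here; the original left it empty.
     *
     * @param mixed $request unused
     */
    protected function profileAction($request)
    {
    }

    /**
     * Create or update a user from the submitted form ($this->request).
     *
     * Admins may edit any user (id from the form), rename it, move it to another
     * address and set the admin/technician flags. Non-admins are pinned to their
     * own record: the id and username are taken from the session user and the
     * address cannot be changed. Passwords are only stored when `password` and
     * `password2` match; otherwise an error flash is set and the remaining
     * fields are still saved.
     *
     * @throws Exception "User … not found" (code 604) when an admin submits an id
     *                   that is not a non-negative number
     * @throws Exception "Unbekannte Firma/Person" when the submitted address_id
     *                   does not load an Address
     */
    protected function saveAction()
    {
        $r = $this->request;
        $isAdmin = $this->isAdmin();

        if ($isAdmin) {
            $id = $r->id;
            $username = $r->username;
            // Validate the id before it reaches User(), as editAction/deleteAction
            // already do; "" and "0" still mean "create a new user".
            if ($id !== null && $id !== '' && (!is_numeric($id) || $id < 0)) {
                throw new Exception("User $id not found", 604);
            }
        } else {
            // Non-admins may only edit themselves and may neither rename the
            // account nor re-assign it. The original wrote the username override
            // into an undefined $request array, so it never took effect.
            $id = $this->me->id;
            $username = $this->me->username;
            unset($r->address_id);
        }

        if (!$id && !$username) {
            self::redirect('User');
        }

        $user = new User($id);
        if (!$user->permissions) {
            $user->permissions = new WorkerPermission();
        }
        if ($username) {
            $user->username = $username;
        }
        if ($r->name) {
            $user->name = $r->name;
        }
        if ($r->email) {
            $user->email = $r->email;
        }
        if ($isAdmin && $r->address_id) {
            $addressId = intval($r->address_id);
            $address = new Address($addressId);
            if (!$address->id) {
                throw new Exception("Unbekannte Firma/Person");
            }
            $user->address_id = $addressId;
        }
        if ($r->password) {
            if ($r->password === $r->password2) {
                $user->password = mfLoginController::generatePasswordHash($r->password);
            } else {
                // Only the password is dropped; the other fields are still saved below.
                $this->layout()->setFlash("Passwörter stimmen nicht überein!", "error");
            }
        }

        $user->edit_by = $this->me->id;
        if (!$id) {
            $user->create_by = $this->me->id;
        }
        $id = $user->save();

        if ($isAdmin) {
            // User #1 is always an admin; the form cannot revoke that flag.
            $user->permissions->admin = ($r->admin == "true" || $user->id == 1) ? "true" : "false";
            $user->permissions->technician = ($r->technician == "true") ? "true" : "false";
            $user->permissions->save();
        }

        $this->layout()->setFlash("Benutzer gespeichert.", "success");
        self::redirect('User');
    }

    /**
     * Admin-only delete of the user given by $request['id'].
     *
     * Non-admins are redirected to "Bridge". The record is only deleted when it
     * actually loaded (its id matches the requested one).
     *
     * @param array $request request parameters; only 'id' is read
     * @throws Exception "User … not found" (code 604) when the id is not a positive number
     */
    protected function deleteAction($request)
    {
        if (!$this->isAdmin()) {
            $this->redirect("Bridge");
            // The original fell through to the delete here; never rely on
            // redirect() terminating the request.
            return;
        }
        $id = $request['id'];
        if (!is_numeric($id) || $id <= 0) {
            throw new Exception("User $id not found", 604);
        }
        $user = new User($id);
        if ($user->id == $id) {
            $user->delete();
        }
        self::redirect("User");
    }

    /**
     * Change the password of the currently logged-in user.
     *
     * Both `password` and `password2` must match, be at least 8 bytes long and
     * not be one of a few trivial values; on success the hash is stored and the
     * user is redirected to the Dashboard.
     *
     * @param array $request request parameters; 'password' and 'password2' are read
     * @throws Exception on mismatch, on a too-short password, or on a trivial password
     */
    protected function pwchangeAction($request)
    {
        $me = new User();
        $me->loadMe();

        $pw1 = isset($request['password']) ? (string)$request['password'] : '';
        $pw2 = isset($request['password2']) ? (string)$request['password2'] : '';
        // The original tested `!$pw1 == $pw2`, which negates $pw1 before comparing
        // and so never detected a mismatch between the two fields.
        if ($pw1 !== $pw2) {
            throw new Exception("Passwords don't match! \nPassword change aborted.");
        }
        if (strlen($pw1) < 8) {
            throw new Exception("Passwords must be 8 characters minimum!");
        }
        $trivial = array("12345678", "123456789", "password", "passwort");
        if (in_array($pw1, $trivial, true)) {
            throw new Exception("Be a little more creative with your password please...");
        }
        // NOTE(review): the current password is not re-verified here, so anyone
        // holding a valid session can replace it; consider requiring it.
        $me->password = mfLoginController::generatePasswordHash($pw1);
        $me->save();
        $this->redirect("Dashboard");
    }

    /**
     * Load every user from MFUSERTABLE ordered by username.
     *
     * @return User[] keyed by user id; empty array when the table has no rows
     */
    public function getUsers()
    {
        $users = array();
        $res = $this->db()->select(MFUSERTABLE, '*', '1=1 ORDER BY username');
        if ($this->db()->num_rows($res)) {
            while ($row = $this->db()->fetch_object($res)) {
                $users[$row->id] = new User($row);
            }
        }
        return $users;
    }

    /**
     * Whether the currently logged-in user is an admin.
     *
     * Also publishes that user to the layout as "me", like the constructor does.
     *
     * @return bool
     */
    private function isAdmin()
    {
        $me = new User();
        $me->loadMe();
        // Every other call site goes through the layout() accessor; the original
        // used `$this->layout` as a property here, which nothing else in this
        // controller does.
        $this->layout()->set("me", $me);
        return $me->isAdmin();
    }
}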