<?php

namespace Opentalent\OtAdmin\Http;


use Opentalent\OtAdmin\Controller\SiteController;
use Psr\Log\LoggerAwareInterface;
use Psr\Log\LoggerAwareTrait;
use TYPO3\CMS\Core\Http\JsonResponse;
use TYPO3\CMS\Core\Http\ServerRequest;

class ApiController implements LoggerAwareInterface
{
    use LoggerAwareTrait;

    const ALLOWED_IPS = [
        '/^127\.0\.0\.[0-1]$/',
        '/^localhost$/',
        '/^10\.8\.0\.[0-255]$/'
    ];

    /**
     * Retrieve the organization's id from the given request parameters
     *
     * @param ServerRequest $request
     * @return int
     */
    private function getOrganizationId(ServerRequest $request) {
        $params = $request->getQueryParams();
        $organizationId = $params['organization-id'];
        if (!$organizationId) {
            throw new \RuntimeException("Missing parameter: 'organization-id'");
        }
        return (int)$organizationId;
    }

    /**
     * Check that the client Ip is allowed, else throw a Runtime error
     *
     * @return bool
     */
    private function assertIpAllowed() {
        $clientIp = $_SERVER['REMOTE_ADDR'];
        foreach (self::ALLOWED_IPS as $ipRule) {
            if (preg_match($ipRule, $clientIp)) {
                return true;
            }
        }
        $route = $_REQUEST['route'];
        $this->logger->error(sprintf(
            "OtAdmin API: an attempt was made to call the route " .
            $route . " from an non-allowed IP (" . $clientIp . ")"));
        throw new \RuntimeException("Not allowed");
    }

    /**
     * -- Target of the route 'site_create' --
     * >> Requires a query param named 'organization-id' (int)
     *
     * Create the organization's website
     *
     * @param ServerRequest $request
     * @return JsonResponse
     * @throws \Exception
     */
    public function createSiteAction(ServerRequest $request) {
        $this->assertIpAllowed();

        $organizationId = $this->getOrganizationId($request);

        $controller = new SiteController();
        $rootUid = $controller->createSiteAction($organizationId);

        $this->logger->info(sprintf(
            "OtAdmin API: A new website has been created with root page uid=" . $rootUid .
            " for the organization " . $organizationId));

        return new JsonResponse(
            [
                'organization_id' => $organizationId,
                'msg' => "A new website has been created with root page uid=" . $rootUid,
                'root_uid' => $rootUid
            ]
        );
    }

    /**
     * -- Target of the route 'site_update' --
     * >> Requires a query param named 'organization-id' (int)
     *
     * Update the settings of the organization's website
     *
     * @param ServerRequest $request
     * @return JsonResponse
     * @throws \Exception
     */
    public function updateSiteConstantsAction(ServerRequest $request) {
        $this->assertIpAllowed();

        $organizationId = $this->getOrganizationId($request);

        $controller = new SiteController();
        $rootUid = $controller->updateSiteConstantsAction($organizationId);

        $this->logger->info(sprintf(
            "OtAdmin API: The website with root uid " . $rootUid . " has been updated " .
            " (organization: " . $organizationId . ")"));

        return new JsonResponse(
            [
                'organization_id' => $organizationId,
                'msg' => "The website with root uid " . $rootUid . " has been updated",
                'root_uid' => $rootUid
            ]
        );
    }

    /**
     * -- Target of the route 'site_delete' --
     * >> Requires a query param named 'organization-id' (int)
     *
     * Proceeds to a soft-deletion of the organization's website
     *
     * @param ServerRequest $request
     * @return JsonResponse
     * @throws \Exception
     */
    public function deleteSiteAction(ServerRequest $request) {
        $this->assertIpAllowed();

        $organizationId = $this->getOrganizationId($request);

        $controller = new SiteController();
        $rootUid = $controller->deleteSiteAction($organizationId, false);

        $this->logger->info(sprintf(
            "OtAdmin API: The website with root uid " . $rootUid . " has been soft-deleted " .
            " (organization: " . $organizationId . ")"));

        return new JsonResponse(
            [
                'organization_id' => $organizationId,
                'msg' => "The website with root uid " . $rootUid . " has been soft-deleted. Use the /site/undelete route to restore it.",
                'root_uid' => $rootUid
            ]
        );
    }

    /**
     * -- Target of the route 'site_undelete' --
     * >> Requires a query param named 'organization-id' (int)
     *
     * Restore a soft-deleted organization's website
     *
     * @param ServerRequest $request
     * @return JsonResponse
     * @throws \Exception
     */
    public function undeleteSiteAction(ServerRequest $request) {
        $this->assertIpAllowed();

        $organizationId = $this->getOrganizationId($request);

        $controller = new SiteController();
        $rootUid = $controller->undeleteSiteAction($organizationId);

        $this->logger->info(sprintf(
            "OtAdmin API: The website with root uid " . $rootUid . " has been restored " .
            " (organization: " . $organizationId . ")"));

        return new JsonResponse(
            [
                'organization_id' => $organizationId,
                'msg' => "The website with root uid " . $rootUid . " has been restored",
                'root_uid' => $rootUid
            ]
        );
    }
}