<?php
/**
 * Created by PhpStorm.
 * User: wolfi
 * Date: 1/10/16
 * Time: 21:54
 */

namespace OCA\Passman\Service;


use Icewind\SMB\Share;
use OCA\Passman\Db\CredentialMapper;
use OCA\Passman\Db\ShareRequest;
use OCA\Passman\Db\ShareRequestMapper;
use OCA\Passman\Db\SharingACL;
use OCA\Passman\Db\SharingACLMapper;

class ShareService {
	private $sharingACL;
	private $shareRequest;
	private $credential;

	public function __construct(SharingACLMapper $sharingACL, ShareRequestMapper $shareRequest, CredentialMapper $credentials) {
		$this->sharingACL = $sharingACL;
		$this->shareRequest = $shareRequest;
		$this->credential = $credentials;
	}

	/**
	 * Creates requests for all the items on the request array of objects.
	 * This array must follow this spec:
	 *      user_id:    The target user id
	 *      vault_id:   The id of the target vault
	 *      guid:       The guid of the target vault
	 *      key:        The shared key cyphered with the target vault RSA public key
	 *
	 * @param $target_item_id   string      The shared item ID
	 * @param $target_item_guid string      The shared item GUID
	 * @param $request_array    array
	 * @param $permissions      integer     Must be created with a bitmask from options on the ShareRequest class
	 * @return array                        Array of sharing requests
	 */
	public function createBulkRequests($target_item_id, $target_item_guid, $request_array, $permissions, $credential_owner) {
		$created = (new \DateTime())->getTimestamp();
		$requests = array();
		foreach ($request_array as $req) {
			$t = new ShareRequest();
			$t->setItemId($target_item_id);
			$t->setItemGuid($target_item_guid);
			$t->setTargetUserId($req['user_id']);
			$t->setTargetVaultId($req['vault_id']);
			$t->setTargetVaultGuid($req['guid']);
			$t->setSharedKey($req['key']);
			$t->setPermissions($permissions);
			$t->setCreated($created);
			$t->setFromUserId($credential_owner);
			array_push($requests, $this->shareRequest->createRequest($t));
		}
		return $requests;
	}

	/**
	 * Applies the given share, defaults to no expire
	 *
	 * @param $item_guid
	 * @param $target_vault_guid
	 * @param $final_shared_key
	 */
	public function applyShare($item_guid, $target_vault_guid, $final_shared_key) {
		$request = $this->shareRequest->getRequestByGuid($item_guid, $target_vault_guid);
		$permissions = $request->getPermissions();

		$acl = new SharingACL();
		$acl->setItemId($request->getItemId());
		$acl->setItemGuid($request->getItemGuid());
		$acl->setUserId($request->getTargetUserId());
		$acl->setCreated($request->getCreated());
		$acl->setExpire(0);
		$acl->setPermissions($permissions);
		$acl->setVaultId($request->getTargetVaultId());
		$acl->setVaultGuid($request->getTargetVaultGuid());
		$acl->setSharedKey($final_shared_key);

		$this->sharingACL->createACLEntry($acl);
		$this->shareRequest->cleanItemRequestsForUser($request->getItemId(), $request->getTargetUserId());
	}

	/**
	 * Obtains pending requests for the given user ID
	 *
	 * @param $user_id
	 * @return \OCA\Passman\Db\ShareRequest[]
	 */
	public function getUserPendingRequests($user_id) {
		return $this->shareRequest->getUserPendingRequests($user_id);
	}

	public function getSharedItems($user_id, $vault_guid) {
		$entries = $this->sharingACL->getVaultEntries($user_id, $vault_guid);

		$return = [];
		foreach ($entries as $entry) {
			// Check if the user can read the credential, probably unnecesary, but just to be sure
			if (!$entry->hasPermission(SharingACL::READ)) continue;

			$tmp = $entry->jsonSerialize();
			$tmp['credential_data'] = $this->credential->getCredentialById($entry->getItemId())->jsonSerialize();
			unset($tmp['credential_data']['shared_key']);
			$return[] = $tmp;
		}
		return $return;
	}


	/**
	 * Deletes an share reuqest by id
	 *
	 * @param ShareRequest $request
	 * @return \OCA\Passman\Db\ShareRequest[]
	 */
	public function cleanItemRequestsForUser(ShareRequest $request) {
		return $this->shareRequest->cleanItemRequestsForUser($request->getItemId(), $request->getTargetUserId());
	}

	/**
	 * Get an share request by id
	 */
	public function getShareRequestById($id) {
		return $this->shareRequest->getShareRequestById($id);
	}

	/*
	 * Get an share request by $item_guid and $target_vault_guid
	 *
	 */
	public function getRequestByGuid($item_guid, $target_vault_guid) {
		return $this->shareRequest->getRequestByGuid($item_guid, $target_vault_guid);
	}

	/**
	 * Get the access control list by item guid
	 *
	 * @param string $item_guid
	 * @return \OCA\Passman\Db\SharingACL[]
	 */
	public function getCredentialAclList($item_guid) {
		return $this->sharingACL->getCredentialAclList($item_guid);
	}

	/**
	 * Get pending share requests by guid
	 *
	 * @param  string $item_guid
	 * @return \OCA\Passman\Db\ShareRequest[]
	 */
	public function getShareRequestsByGuid($item_guid) {
		return $this->shareRequest->getShareRequestsByGuid($item_guid);
	}

	/**
	 * Get pending share requests by guid
	 *
	 * @param  ShareRequest $request
	 * @return \OCA\Passman\Db\ShareRequest[]
	 */
	public function deleteShareRequest(ShareRequest $request) {
		return $this->shareRequest->deleteShareRequest($request);
	}

	/**
	 * Get pending share requests by guid
	 *
	 * @param  ShareRequest $request
	 * @return \OCA\Passman\Db\ShareRequest[]
	 */
	public function deleteShareACL(SharingACL $ACL) {
		return $this->sharingACL->deleteShareACL($ACL);
	}
}