<?php

// ##############################################################
global $cfg;
// ##############################################################

use KupShop\AdminBundle\Util\ActivityLog;
use KupShop\AdminBundle\Util\LegacyAdminCredentials;
use KupShop\KupShopBundle\Util\Compat\ServiceContainer;
use Query\Operator;

$main_class = 'Admins';

class Admins extends Window
{
    use DatabaseCommunication;

    protected $nameField = 'login';
    protected $required = ['login' => true];

    public function get_vars()
    {
        $vars = parent::get_vars();
        $pageVars = getVal('body', $vars);
        $ID = $this->getID();
        $acn = $this->getAction();

        $pageVars['data']['data'] = $pageVars['data']['data'] ?? null;
        $this->unserializeCustomData($pageVars['data']);

        $vars['body'] = $pageVars;

        return $vars;
    }

    public function getObject()
    {
        $data = parent::getObject();
        if ($data['privilege'] == 'ALL_RIGHTS') {
            $data['all_rights'] = 'Y';
        } else {
            $data['all_rights'] = 'N';
        }

        return $data;
    }

    public function getData()
    {
        $data = parent::getData();
        $acn = $this->getAction();

        if (getVal('Submit') && $acn != 'passw') {
            $data['date_valid'] = $this->prepareDateTime($data['date_valid']);

            if ($data['all_rights'] == 'Y') {
                $data['privilege'] = 'ALL_RIGHTS';
            } else {
                $data['privilege'] = '';
                foreach ($data as $key => $row) {
                    if ($row == 'ON') {
                        $data['privilege'] .= $key.'|';
                    }
                }

                $data['privilege'] = substr($data['privilege'], 0, -1);
            }
        }

        if ($acn == 'add' && !getVal('Submit')) {
            $data['privilege'] = '';
            $data['date_reg'] = date('Y-m-d H:i');
            $data['active'] = 'Y';
        }

        $data['data'] = $data['custom_data'] ?? [];

        $this->serializeCustomData($data);

        return $data;
    }

    public function updatePass($password, $id)
    {
        $new_hash = password_hash($password, PASSWORD_BCRYPT);
        $this->updateSQL('admins', ['password' => $new_hash], ['id' => $id]);

        return $new_hash;
    }

    public function handleImpersonate(): void
    {
        if (!findRight('OTH_ADM_EDIT')) {
            $this->returnError('Nedostatečená práva');
        }

        $legacyAdminCredentials = ServiceContainer::getService(LegacyAdminCredentials::class);

        $newAdmin = $legacyAdminCredentials->getAdminById(
            (int) $this->getID()
        );

        addActivityLog(
            ActivityLog::SEVERITY_NOTICE,
            ActivityLog::TYPE_SECURITY,
            sprintf(translate('impersonateLogMessage'), $newAdmin['login'])
        );

        $legacyAdminCredentials->setLoginSession($this->getID());

        $this->redirect(['acn' => 'erased3']);
    }

    public function handlePassw()
    {
        if (getVal('Submit')) {
            $data = $this->getData();
            global $adminID;
            $admPassOld = $data['admPassOld'];
            $admPass1 = $data['admPass1'];
            $admPass2 = $data['admPass2'];
            if (!empty($admPassOld) && !empty($admPass1) && !empty($admPass2)) {
                $error = 0;
                // nova hesla se musi rovnat
                if ($admPass1 != $admPass2) {
                    $error = 1;
                    // Zadané heslo a kontrolní heslo se neshodují
                    $ErrStr = translate('errorPasswNotEqual');
                }
                // kontrola puvodniho hesla
                $SQL = sqlQuery("SELECT id, login, password, OLD_PASSWORD('".$admPassOld."') AS passwGet
                                  FROM ".getTableName('admins')."
                                  WHERE id='".$adminID."'
                                  LIMIT 1");

                if (sqlNumRows($SQL) == 1) {
                    $log = sqlFetchArray($SQL);
                    $admName = $log['login'];
                    if (($log['passwGet'] != $log['password']) && (password_verify($admPassOld, $log['password']) == false)) {
                        $error = 1;
                        // Zadané současné heslo není správné
                        $ErrStr = translate('errorBadPassw');
                    }
                }
                sqlFreeResult($SQL);

                if ($error == 0) {
                    /*$SQL = sqlQuery("UPDATE ".getTableName("admins")."
                              SET password=OLD_PASSWORD('".$admPass1."') WHERE id='".$adminID."' ");
               */
                    $new_hash = password_hash($admPass1, PASSWORD_BCRYPT);
                    $this->updateSQL('admins', ['password' => $new_hash], ['id' => $adminID]);

                    if ($SQL) {
                        $ErrStr = urlencode(translate('saved', 'status'));

                        writeDownActivity(sprintf(translate('activityPasswEdited'), $admName));

                        redirect('launch.php?s=admins.php&acn=passw&ErrStr='.$ErrStr);
                    } else {
                        $ErrStr = translate('scripterror', 'status');
                    }
                } else {
                    redirect('launch.php?s=admins.php&acn=passw&ErrStr='.urlencode($ErrStr));
                }
            } else {
                $ErrStr = translate('errorNotAllValidPassw');
                redirect('launch.php?s=admins.php&acn=passw&ErrStr='.urlencode($ErrStr));
            }
        }
        // die($ErrStr);
    }

    public function handleUpdate()
    {
        $SQL = parent::handleUpdate();
        if ($SQL) {
            $IDadm = $this->getID();
            $data = $this->getData();

            if (!empty($data['pass'])) {
                /*sqlQuery("UPDATE ".getTableName("admins")."
                        SET password=OLD_PASSWORD('{$data['pass']}')
                        WHERE id='{$IDadm}' ");
              */
                $new_hash = password_hash($data['pass'], PASSWORD_BCRYPT);
                $this->updateSQL('admins', ['password' => $new_hash], ['id' => $IDadm]);
            }

            // ####################################################
            // UPRAVA PRAV ADMINA KE CLANKUM
            if (isset($data['ArtAuthors'])) {
                if (findModule('articles')) {
                    // smazat vsechny radky
                    sqlQuery('DELETE FROM '.getTableName('articles_authors_admins')."
                            WHERE id_admin='".$IDadm."' ", '@');

                    if ($data['ArtAuthors'][0] != 0) {
                        $no = count($data['ArtAuthors']);
                        for ($i = 0; $i < $no; $i++) {
                            sqlQuery('INSERT INTO '.getTableName('articles_authors_admins')."
                                SET id_admin='".$IDadm."', id_auth='".$data['ArtAuthors'][$i]."' ");
                        }
                    }
                }
            }

            // ####################################################
            // UPRAVA PRAV ADMINA K SEKCIM CLANKU
            if (isset($data['ArtSections'])) {
                if (findModule('articles_sections')) {
                    // smazat vsechny radky
                    sqlQuery('DELETE FROM '.getTableName('articles_branches_admins')."
                            WHERE id_admin='".$IDadm."' ", '@');

                    if ($data['ArtSections'][0] != 0) {
                        $no = count($data['ArtSections']);
                        for ($i = 0; $i < $no; $i++) {
                            sqlQuery('INSERT INTO '.getTableName('articles_branches_admins')."
                                SET id_admin='".$IDadm."', id_branch='".$data['ArtSections'][$i]."' ");
                        }
                    }
                }
            }

            // ####################################################
        }

        return $SQL;
    }

    public function handleDelete()
    {
        $IDadm = $this->getID();
        if (!findRight('OTH_ADM_ERASE')) {
            redirect('launch.php?s=error.php&id=1');
        }
        global $adminID;
        if ($adminID != $IDadm) {
            writeDownActivity(sprintf(translate('activityDeleted'), returnSQLResult('SELECT login
                                FROM '.getTableName('admins')."
                                WHERE id='".$IDadm."' ")));

            $SQL = sqlQuery('DELETE FROM '.getTableName('admins')." WHERE id='{$IDadm}' ");

            redirect('launch.php?s=admins.php&acn=erased');
        } else {
            // Nemůžete smazat administrátora, pod kterým jste právě přihlášen
            $ErrStr = translate('errorCantDeleteActive');

            redirect('launch.php?s=admins.php&acn=edit&ID='.$IDadm.'&ErrStr='.$ErrStr);
        }
    }

    public function articlesSections($topCat)
    {
        $data = [];
        $SQL = sqlQuery('SELECT ab.id, ab.name
                    FROM '.getTableName('articles_branches')." AS ab
                    WHERE ab.top_branch='".$topCat."'
                    ORDER BY ab.name ASC");
        $ID = $this->getID();
        foreach ($SQL as $key => $row) {
            $data[$key]['id'] = $row['id'];
            $data[$key]['level'] = $topCat;
            $data[$key]['selected'] = returnSQLResult('SELECT Count(id_admin)
                                        FROM '.getTableName('articles_branches_admins')."
                                        WHERE id_admin='".$ID."' AND id_branch='".$row['id']."' LIMIT 1 ");
            $data[$key]['name'] = $row['name'];
            $data[$key]['submenu'] = $this->articlesSections($row['id']);
        }

        return $data;
    }

    public function handleSendPassword()
    {
        global $dbcfg, $cfg;
        $ID = $this->getID();

        $admin = sqlFetch($this->selectSQL('admins', ['id' => $ID]));

        $password = $this->generatePassword(10);

        $admin['password'] = $password;
        $new_hash = password_hash($password, PASSWORD_BCRYPT);

        $this->updateSQL('admins', ['password' => $new_hash], ['id' => $ID]);

        if (!isset($cfg['Menu']['wpj_toolbar'])) {
            $cfg['Menu']['wpj_toolbar'] = null;
        }
        $admin_url = getVal('admin_url', $cfg['Menu']['wpj_toolbar'], 'admin/');

        $smarty = createSmarty(false, true);
        $smarty->assign(['admin' => $admin, 'admin_url' => $admin_url]);
        $content = $smarty->fetch(findTemplate('email/password_generate.tpl'));

        if (SendMail($dbcfg->shop_email, $admin['email'], 'Nové heslo do administrace '.substr($cfg['Addr']['print'], 0, -1), $content, 'text/html')) {
            $this->returnOK('Heslo bylo úspěšně zasláno na email');
        } else {
            $this->returnError('Heslo se nepodařilo odeslat, zkuste to prosím znovu');
        }
    }

    public function generatePassword($length = 8)
    {
        $chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
        $count = mb_strlen($chars);

        for ($i = 0, $result = ''; $i < $length; $i++) {
            $index = rand(0, $count - 1);
            $result .= mb_substr($chars, $index, 1);
        }

        return $result;
    }

    public function handlePrintHashLogin()
    {
        $ID = $this->getID();

        $admin = sqlQueryBuilder()->select('*')->from('admins')->where(Operator::equals(['id' => $ID]))->execute()->fetch();

        if (empty($admin['token'])) {
            $this->returnError('Nejdříve musíte vygenerovat přihlašovací token!');
        }

        $smarty = createSmarty(true, true);
        $smarty->assign([
            'login' => $admin['login'],
            'code' => $admin['token'],
        ]);
        $smarty->display('window/adminsPrintHashLogin.tpl');
        exit;
    }

    public function generateAdminToken(): string
    {
        return ServiceContainer::getService(\KupShop\KupShopBundle\Util\System\TokenGenerator::class)->generate(16);
    }
}