<?php

declare(strict_types=1);

namespace KupShop\UserBundle\Controller;

use KupShop\AdminBundle\AdminRequiredControllerInterface;
use KupShop\AdminBundle\Util\LegacyAdminCredentials;
use KupShop\UserBundle\Security\UserProvider;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Attribute\AsController;
use Symfony\Component\Routing\Attribute\Route;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\Security\Core\Authentication\Token\SwitchUserToken;
use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;

#[AsController]
class ImpersonateController implements AdminRequiredControllerInterface
{
    #[Route('/_user/impersonate/{id}/', requirements: ['id' => '\d+'])]
    public function impersonateUser(Request $request, LegacyAdminCredentials $adminCredentials, int $id, UserProvider $userProvider, TokenStorageInterface $tokenStorage): Response
    {
        $adminCredentials->setAdminGlobalVars();

        if (!findRight('USR_IMPERSONATE')) {
            return new Response('Nedostatečená práva');
        }

        // Hotfix: Čistý bude až se merge přihlašování do adminu přes symfony
        $user = $userProvider->loadUserById($id);
        $dummyToken = new UsernamePasswordToken($user, 'main', $user->getRoles());

        $impersonationToken = new SwitchUserToken($user, 'main', $user->getRoles(), $dummyToken);
        $tokenStorage->setToken($impersonationToken);

        $user->getKupshopUser()->login(skipSymfonyLogin: true);

        if (findModule(\Modules::JS_SHOP)) {
            $request->getSession()->set('adminLogin', true);
        }

        return new RedirectResponse('/');
    }
}