package frontend

import (
	"fmt"
	"html/template"
	"log"
	"net/http"
	"strconv"

	b "streifling.com/jason/cpolis/cmd/backend"
)

type UserData struct {
	*b.User
	Msg string
}

func checkUserStrings(user *b.User) (string, int, bool) {
	userLen := 15
	nameLen := 50

	if len(user.UserName) > userLen {
		return "Benutzername", userLen, false
	} else if len(user.FirstName) > nameLen {
		return "Vorname", nameLen, false
	} else if len(user.LastName) > nameLen {
		return "Nachname", nameLen, false
	} else {
		return "", 0, true
	}
}

func CreateUser(c *b.Config, s *b.CookieStore) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		if _, err := getSession(w, r, c, s); err != nil {
			return
		}

		tmpl, err := template.ParseFiles(c.WebDir + "/templates/add-user.html")
		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", nil)
	}
}

func AddUser(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		session, err := getSession(w, r, c, s)
		if err != nil {
			return
		}

		role, err := strconv.Atoi(r.PostFormValue("role"))
		if err != nil {
			log.Println(err)
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}

		htmlData := UserData{
			User: &b.User{
				UserName:  r.PostFormValue("username"),
				FirstName: r.PostFormValue("first-name"),
				LastName:  r.PostFormValue("last-name"),
				Role:      role,
			},
		}
		pass := r.PostFormValue("password")
		pass2 := r.PostFormValue("password2")

		if len(htmlData.UserName) == 0 || len(htmlData.FirstName) == 0 ||
			len(htmlData.LastName) == 0 || len(pass) == 0 || len(pass2) == 0 {
			htmlData.Msg = "Alle Felder müssen ausgefüllt werden."
			tmpl, err := template.ParseFiles(c.WebDir + "/templates/add-user.html")
			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
			return
		}
		userString, stringLen, ok := checkUserStrings(htmlData.User)
		if !ok {
			htmlData.Msg = fmt.Sprint(userString, " ist zu lang. Maximal ",
				stringLen, " Zeichen erlaubt.")
			tmpl, err := template.ParseFiles(c.WebDir + "/templates/add-user.html")
			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
			return
		}
		id, _ := db.GetID(htmlData.UserName)
		if id != 0 {
			htmlData.Msg = fmt.Sprint(htmlData.UserName,
				" ist bereits vergeben. Bitte anderen Benutzernamen wählen.")
			tmpl, err := template.ParseFiles(c.WebDir + "/templates/add-user.html")
			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
			return
		}
		if pass != pass2 {
			htmlData.Msg = "Die Passwörter stimmen nicht überein."
			tmpl, err := template.ParseFiles(c.WebDir + "/templates/add-user.html")
			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
			return
		}

		_, err = db.AddUser(htmlData.User, pass)
		if err != nil {
			log.Println(err)
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}

		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
		tmpl = template.Must(tmpl, err)
		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"].(int))
	}
}

func EditSelf(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		session, err := getSession(w, r, c, s)
		if err != nil {
			return
		}

		user, err := db.GetUser(session.Values["id"].(int64))
		if err != nil {
			log.Println(err)
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}

		tmpl, err := template.ParseFiles(c.WebDir + "/templates/edit-self.html")
		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", user)
	}
}

func UpdateSelf(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		session, err := getSession(w, r, c, s)
		if err != nil {
			return
		}

		userData := UserData{
			User: &b.User{
				ID:        session.Values["id"].(int64),
				UserName:  r.PostFormValue("username"),
				FirstName: r.PostFormValue("first-name"),
				LastName:  r.PostFormValue("last-name"),
			},
		}
		oldPass := r.PostFormValue("old-password")
		newPass := r.PostFormValue("password")
		newPass2 := r.PostFormValue("password2")

		if len(userData.UserName) == 0 || len(userData.FirstName) == 0 ||
			len(userData.LastName) == 0 {
			userData.Msg = "Alle Felder mit * müssen ausgefüllt sein."
			tmpl, err := template.ParseFiles(c.WebDir + "/templates/edit-user.html")
			tmpl = template.Must(tmpl, err)
			tmpl.ExecuteTemplate(w, "page-content", userData.Msg)
			return
		}

		userString, stringLen, ok := checkUserStrings(userData.User)
		if !ok {
			userData.Msg = fmt.Sprint(userString, " ist zu lang. Maximal ",
				stringLen, " Zeichen erlaubt.")
			tmpl, err := template.ParseFiles(c.WebDir + "/templates/edit-user.html")
			tmpl = template.Must(tmpl, err)
			tmpl.ExecuteTemplate(w, "page-content", userData)
			return
		}

		if id, ok := db.GetID(userData.UserName); ok {
			if id != userData.ID {
				userData.Msg = "Benutzername bereits vergeben."
				userData.UserName = ""
				tmpl, err := template.ParseFiles(c.WebDir + "/templates/edit-user.html")
				tmpl = template.Must(tmpl, err)
				tmpl.ExecuteTemplate(w, "page-content", userData)
				return
			}
		}

		if err = db.UpdateOwnAttributes(
			userData.ID,
			userData.UserName,
			userData.FirstName,
			userData.LastName,
			oldPass,
			newPass,
			newPass2); err != nil {
			userData.Msg = "Aktualisierung der Benutzerdaten fehlgeschlagen."
			tmpl, err := template.ParseFiles(c.WebDir + "/templates/edit-user.html")
			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", userData)
		}

		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
		tmpl = template.Must(tmpl, err)
		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"].(int))
	}
}

func AddFirstUser(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		if _, err := getSession(w, r, c, s); err != nil {
			return
		}

		var err error
		htmlData := UserData{
			User: &b.User{
				UserName:  r.PostFormValue("username"),
				FirstName: r.PostFormValue("first-name"),
				LastName:  r.PostFormValue("last-name"),
				Role:      b.Admin,
			},
		}
		pass := r.PostFormValue("password")
		pass2 := r.PostFormValue("password2")

		if len(htmlData.UserName) == 0 || len(htmlData.FirstName) == 0 ||
			len(htmlData.LastName) == 0 || len(pass) == 0 || len(pass2) == 0 {
			htmlData.Msg = "Alle Felder müssen ausgefüllt werden."
			tmpl, err := template.ParseFiles(c.WebDir + "/templates/add-user.html")
			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
			return
		}
		userString, stringLen, ok := checkUserStrings(htmlData.User)
		if !ok {
			htmlData.Msg = fmt.Sprint(userString, " ist zu lang. Maximal ",
				stringLen, " Zeichen erlaubt.")
			tmpl, err := template.ParseFiles(c.WebDir + "/templates/add-user.html")
			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
			return
		}
		id, _ := db.GetID(htmlData.UserName)
		if id != 0 {
			htmlData.Msg = fmt.Sprint(htmlData.UserName,
				" ist bereits vergeben. Bitte anderen Benutzernamen wählen.")
			tmpl, err := template.ParseFiles(c.WebDir + "/templates/add-user.html")
			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
			return
		}
		if pass != pass2 {
			htmlData.Msg = "Die Passwörter stimmen nicht überein."
			tmpl, err := template.ParseFiles(c.WebDir + "/templates/add-user.html")
			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
			return
		}

		htmlData.ID, err = db.AddFirstUser(htmlData.User, pass)
		if err != nil {
			log.Println(err)
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}
		if htmlData.ID > 1 {
			errString := "error: there is already a first user"
			log.Println(errString)
			http.Error(w, errString, http.StatusInternalServerError)
			return
		}

		if err := saveSession(w, r, s, htmlData.User); err != nil {
			log.Println(err)
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}

		if _, err := db.AddIssue(); err != nil {
			log.Println(err)
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}

		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", 0)
	}
}

func ShowAllUsers(c *b.Config, db *b.DB, s *b.CookieStore, action string) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		session, err := getSession(w, r, c, s)
		if err != nil {
			return
		}

		type htmlData struct {
			Users  map[int64]*b.User
			Action string
		}

		data := &htmlData{Action: action}
		data.Users, err = db.GetAllUsers()
		if err != nil {
			log.Println(err)
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}

		delete(data.Users, session.Values["id"].(int64))
		tmpl, err := template.ParseFiles(c.WebDir + "/templates/show-all-users.html")
		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", data)
	}
}

func EditUser(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		if _, err := getSession(w, r, c, s); err != nil {
			return
		}

		id, err := strconv.ParseInt(r.PathValue("id"), 10, 64)
		if err != nil {
			log.Println(err)
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}

		user, err := db.GetUser(id)
		if err != nil {
			log.Println(err)
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}

		tmpl, err := template.ParseFiles(c.WebDir + "/templates/edit-user.html")
		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", user)
	}
}

func UpdateUser(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		session, err := getSession(w, r, c, s)
		if err != nil {
			return
		}

		id, err := strconv.ParseInt(r.PathValue("id"), 10, 64)
		if err != nil {
			log.Println(err)
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}

		role, err := strconv.Atoi(r.PostFormValue("role"))
		if err != nil {
			log.Println(err)
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}

		userData := UserData{
			User: &b.User{
				ID:        id,
				UserName:  r.PostFormValue("username"),
				FirstName: r.PostFormValue("first-name"),
				LastName:  r.PostFormValue("last-name"),
				Role:      role,
			},
		}
		newPass := r.PostFormValue("password")
		newPass2 := r.PostFormValue("password2")

		if len(userData.UserName) == 0 || len(userData.FirstName) == 0 ||
			len(userData.LastName) == 0 {
			userData.Msg = "Alle Felder mit * müssen ausgefüllt sein."
			tmpl, err := template.ParseFiles(c.WebDir + "/templates/edit-user.html")
			tmpl = template.Must(tmpl, err)
			tmpl.ExecuteTemplate(w, "page-content", userData.Msg)
			return
		}

		userString, stringLen, ok := checkUserStrings(userData.User)
		if !ok {
			userData.Msg = fmt.Sprint(userString, " ist zu lang. Maximal ",
				stringLen, " Zeichen erlaubt.")
			tmpl, err := template.ParseFiles(c.WebDir + "/templates/edit-user.html")
			tmpl = template.Must(tmpl, err)
			tmpl.ExecuteTemplate(w, "page-content", userData)
			return
		}

		if id, ok := db.GetID(userData.UserName); ok {
			if id != userData.ID {
				userData.Msg = "Benutzername bereits vergeben."
				userData.UserName = ""
				tmpl, err := template.ParseFiles(c.WebDir + "/templates/edit-user.html")
				tmpl = template.Must(tmpl, err)
				tmpl.ExecuteTemplate(w, "page-content", userData)
				return
			}
		}

		if err = db.UpdateUserAttributes(
			userData.ID,
			userData.UserName,
			userData.FirstName,
			userData.LastName,
			newPass,
			newPass2,
			userData.Role); err != nil {
			userData.Msg = "Aktualisierung der Benutzerdaten fehlgeschlagen."
			tmpl, err := template.ParseFiles(c.WebDir + "/templates/edit-user.html")
			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", userData)
		}

		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
		tmpl = template.Must(tmpl, err)
		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"].(int))
	}
}

func DeleteUser(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		session, err := getSession(w, r, c, s)
		if err != nil {
			return
		}

		id, err := strconv.ParseInt(r.PathValue("id"), 10, 64)
		if err != nil {
			log.Println(err)
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}

		if err = db.DeleteUser(id); err != nil {
			log.Println(err)
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}

		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
		tmpl = template.Must(tmpl, err)
		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"].(int))
	}
}