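import { error, fail, redirect } from '@sveltejs/kit';
import { deleteUser, getUser, updateUser } from '$lib/db/index.server';
import { PERMISSIONS } from '$lib/consts';
import type { Actions, PageServerLoad } from './$types';
import { getUserPerms } from '$lib/index.server';
import { userPerms, employerPerms } from '$lib/shared.svelte';
import type { User } from '$lib/types';

/**
 * Checkbox field name -> permission bit it grants when the box is "on".
 * NOTE(review): MANAGE_COMPANIES is driven by the `manageUsers` checkbox — no
 * `manageCompanies` field is read anywhere in this file. Preserved as found;
 * confirm the coupling is intentional.
 */
const PERMISSION_FIELDS: ReadonlyArray<readonly [string, number]> = [
	['view', PERMISSIONS.VIEW],
	['apply', PERMISSIONS.APPLY_FOR_JOBS],
	['submitPostings', PERMISSIONS.SUBMIT_POSTINGS],
	['manageEmployers', PERMISSIONS.MANAGE_EMPLOYERS],
	['manageTags', PERMISSIONS.MANAGE_TAGS],
	['managePostings', PERMISSIONS.MANAGE_POSTINGS],
	['manageUsers', PERMISSIONS.MANAGE_USERS],
	['manageUsers', PERMISSIONS.MANAGE_COMPANIES]
];

/**
 * "(123) 456-7890", whole string. The previous pattern was unanchored, so any
 * value that merely contained such a number anywhere was accepted.
 */
const PHONE_PATTERN = /^\(\d{3}\) \d{3}-\d{4}$/;

/**
 * Whether the requester's permission set allows user administration.
 * A negative value is treated as "not logged in" — this mirrors the existing
 * `perms >= 0` guard in this route; confirm against getUserPerms.
 */
function canManageUsers(perms: number): boolean {
	return perms >= 0 && (perms & PERMISSIONS.MANAGE_USERS) > 0;
}

/** Route param -> numeric user id, or null when it is not parseable as an integer. */
function parseUserId(raw: string): number | null {
	const id = parseInt(raw, 10);
	return Number.isNaN(id) ? null : id;
}

/** Trimmed text form value, or null when the field is absent or blank. */
function optionalText(data: FormData, key: string): string | null {
	const value = data.get(key)?.toString().trim();
	return value ? value : null;
}

/**
 * Permission bits this requester may confer or administer: their own set plus
 * the baseline user/employer sets. Used for both the "grant" check and the
 * "edit a more-privileged account" check so the two stay consistent.
 */
function grantableMask(requestPerms: number): number {
	return requestPerms | userPerms | employerPerms;
}

/** True when every bit of `perms` is contained in `allowed`. */
function isSubset(perms: number, allowed: number): boolean {
	return (allowed & perms) === perms;
}

/**
 * Admin user-detail page: requires MANAGE_USERS, then loads the user named by
 * the `user` route param. Authorisation runs before any lookup so an
 * unauthenticated caller never triggers a database read.
 *
 * @throws 403 when the caller lacks MANAGE_USERS, 400 when the id is not numeric.
 */
export const load: PageServerLoad = async ({ cookies, params }) => {
	if (!canManageUsers(getUserPerms(cookies))) {
		error(403, 'Unauthorized');
	}
	const id = parseUserId(params.user);
	if (id === null) {
		error(400, 'Invalid user id');
	}
	return { user: await getUser(id) };
};

/**
 * Form actions for the admin user-detail page.
 *
 * `submit` rewrites the user's profile, credentials and permission bits;
 * `delete` removes the account. Both require MANAGE_USERS and both refuse to
 * touch an account that holds permissions outside what the caller could grant.
 */
export const actions: Actions = {
	submit: async ({ request, cookies, params }) => {
		const requestPerms = getUserPerms(cookies);
		if (!canManageUsers(requestPerms)) {
			return fail(403, { errorMessage: 'Unauthorized' });
		}

		const id = parseUserId(params.user);
		if (id === null) {
			return fail(400, { errorMessage: 'Invalid user id' });
		}

		const allowed = grantableMask(requestPerms);

		// A manager must not be able to reset the password or rewrite the
		// permissions of an account more privileged than they could create —
		// the same rule the delete action below already applies to deletion.
		const target = await getUser(id);
		if (!target) {
			return fail(404, { errorMessage: 'User not found' });
		}
		if (!isSubset(target.perms, allowed)) {
			return fail(403, {
				errorMessage: 'Cannot edit a user with higher permissions than yourself!'
			});
		}

		const data = await request.formData();
		const username = data.get('username')?.toString().trim();
		const password = optionalText(data, 'password');
		const email = optionalText(data, 'email');
		const phone = optionalText(data, 'phone');
		const fullName = optionalText(data, 'fullName');
		const companyCode = optionalText(data, 'companyCode')?.toUpperCase() ?? null;

		if (!username) {
			return fail(400, { errorMessage: 'Missing username' });
		}
		if (username.length < 4) {
			return fail(400, { errorMessage: 'Username must be at least 4 characters' });
		}
		if (password !== null && password.length < 8) {
			return fail(400, { errorMessage: 'Password must be at least 8 characters' });
		}
		if (email !== null && !email.includes('@')) {
			return fail(400, { errorMessage: 'Invalid email' });
		}
		if (phone !== null && !PHONE_PATTERN.test(phone)) {
			return fail(400, { errorMessage: 'Invalid phone number' });
		}

		// OR the bits together; a checkbox is only present as "on" when ticked.
		const newUserPerms = PERMISSION_FIELDS.reduce(
			(acc, [field, flag]) => (data.get(field) === 'on' ? acc | flag : acc),
			0
		);
		if (!isSubset(newUserPerms, allowed)) {
			return fail(403, {
				errorMessage: 'Cannot give a user higher permissions than yourself!'
			});
		}

		try {
			await updateUser({
				id,
				username,
				password,
				perms: newUserPerms,
				active: data.get('accountActive') === 'on',
				email,
				phone,
				fullName,
				companyCode
			});
		} catch (err: unknown) {
			// Keep the driver's error text server-side; the client only sees the status.
			console.error('updateUser failed', { id, err });
			return fail(500, { errorMessage: 'Internal Server Error' });
		}

		// 303 so the browser follows with GET and does not cache the redirect;
		// a 301 is permanently cacheable and could let a later POST be skipped.
		redirect(303, `/admin/users/${id}`);
	},

	delete: async ({ cookies, params }) => {
		const requestPerms = getUserPerms(cookies);
		if (!canManageUsers(requestPerms)) {
			return fail(403, { errorMessage: 'Unauthorized' });
		}

		const id = parseUserId(params.user);
		if (id === null) {
			return fail(400, { errorMessage: 'Invalid user id' });
		}

		// Look the target up only after the caller is authorised; a missing row
		// is a 404 rather than a TypeError from a non-null assertion.
		const target = await getUser(id);
		if (!target) {
			return fail(404, { errorMessage: 'User not found' });
		}
		if (!isSubset(target.perms, requestPerms)) {
			return fail(403, {
				errorMessage: 'Cannot delete a user with higher permissions than yourself!'
			});
		}

		try {
			await deleteUser(id);
		} catch (err: unknown) {
			console.error('deleteUser failed', { id, err });
			return fail(500, { errorMessage: 'Internal Server Error' });
		}

		redirect(303, '/admin/users');
	}
};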