/*

 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.

 *

 * The contents of this file are subject to the terms of either the GNU

 * General Public License Version 2 only ("GPL") or the Common

 * Development and Distribution License("CDDL") (collectively, the

 * "License"). You may not use this file except in compliance with the

 * License. You can obtain a copy of the License at

 * http://www.netbeans.org/cddl-gplv2.html

 * or nbbuild/licenses/CDDL-GPL-2-CP. See the License for the

 * specific language governing permissions and limitations under the

 * License.  When distributing the software, include this License Header

 * Notice in each file and include the License file at

 * nbbuild/licenses/CDDL-GPL-2-CP.  Sun designates this

 * particular file as subject to the "Classpath" exception as provided

 * by Sun in the GPL Version 2 section of the License file that

 * accompanied this code. If applicable, add the following below the

 * License Header, with the fields enclosed by brackets [] replaced by

 * your own identifying information:

 * "Portions Copyrighted [year] [name of copyright owner]"

 *

 * Contributor(s):

 *

 * Portions Copyrighted 2009 Jaroslav Tulach

 */

package cz.xelfi.quoridor.webidor.resources;

import com.sun.jersey.api.json.JSONWithPadding;

import cz.xelfi.quoridor.webidor.*;

import java.io.File;

import java.io.FileInputStream;

import java.io.FileNotFoundException;

import java.io.FileOutputStream;

import java.io.IOException;

import java.util.Properties;

import java.util.logging.Logger;

import javax.ws.rs.GET;

import javax.ws.rs.POST;

import javax.ws.rs.Path;

import javax.ws.rs.PathParam;

import javax.ws.rs.Produces;

import javax.ws.rs.QueryParam;

import javax.ws.rs.core.MediaType;

import javax.ws.rs.core.Response;

/**

 *

 * @author Jaroslav Tulach <jtulach@netbeans.org>

 */

public final class Users {

    private final Quoridor quoridor;

    private final File dir;

    private static final Logger LOG = Logger.getLogger(Users.class.getName());

    Users(File dir, Quoridor quoridor) {

        this.dir = dir;

        this.quoridor = quoridor;

        dir.mkdirs();

    }

    @GET

    @Produces({ "application/x-javascript", MediaType.APPLICATION_JSON, MediaType.TEXT_XML })

    public JSONWithPadding getOwnInfo(

        @QueryParam("callback") String callback,

        @QueryParam("loginID") String loginId

    ) throws IOException {

        return getUserInfo(callback, loginId, null);

    }

    User getUserInfo(

        @QueryParam("loginID") String loginId,

        @PathParam("id") String id

    ) throws IOException {

        String  myid = quoridor.isLoggedIn(loginId);

        if (id == null) {

            id = myid;

        }

        Properties myp = getProp(myid);

        Properties p = getProp(id);

        User user = new User(id);

        for (String n : p.stringPropertyNames()) {

            final String prefix = "permission.";

            if (n.startsWith(prefix)) {

                if ("true".equals(p.getProperty(n))) {

                    user.addPermission(n.substring(prefix.length()));

                }

                continue;

            }

            if (!id.equals(myid) && !"true".equals(myp.getProperty("permission." + n))) {

                continue;

            }

            user.addProperty(n, p.getProperty(n));

        }

        return user;

    }

    @GET

    @Path("{id}")

    @Produces({ "application/x-javascript", MediaType.APPLICATION_JSON, MediaType.TEXT_XML })

    public JSONWithPadding getUserInfo(

        @QueryParam("callback") String callback,

        @QueryParam("loginID") String loginId,

        @PathParam("id") String id

    ) throws IOException {

        return new JSONWithPadding(getUserInfo(loginId, id), callback);

    }

    @POST

    @Path("{id}")

    @Produces({ MediaType.APPLICATION_JSON, MediaType.TEXT_XML })

    public synchronized Response changeProperty(

        @QueryParam("loginID") String loginId,

        @PathParam("id") String id,

        @QueryParam("name") String name,

        @QueryParam("value") String value

    ) throws IOException {

        String myid = quoridor.isLoggedIn(loginId);

        if (!id.equals(myid) || name.startsWith("permission.")) {

            return Response.status(Response.Status.UNAUTHORIZED).build();

        }

        Properties p = getProp(myid);

        p.setProperty(name, value);

        File f = new File(dir, id);

        FileOutputStream os = new FileOutputStream(f);

        p.store(os, "");

        os.close();

        return Response.ok().entity(getUserInfo(null, loginId, id).getJsonSource()).build();

    }

    final boolean verifyPassword(String id, String passwd) throws IOException {

        Properties p = getProp(id);

        if (p != null) {

            return passwd.equals(p.getProperty("passwd"));

        }

        return false;

    }

    private synchronized Properties getProp(String id) throws FileNotFoundException, IOException {

        Properties p = new Properties();

        if (id != null && id.length() > 0) {

            File f = new File(dir, id);

            if (f.exists()) {

                FileInputStream is = new FileInputStream(f);

                p.load(is);

                is.close();

            }

        }

        return p;

    }

}