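#
# Copyright (C) 2013 Aaron Williamson
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.

import web

# Relative path: the SQLite file is resolved against the process's working
# directory, so the application has to be started from a fixed location.
db = web.database(dbn='sqlite', db='mustash.db')


### Folder methods

# Folder names are stored without "/" characters. Every write path goes
# through this helper so that a rename cannot reintroduce what folder
# creation strips out.
# NOTE(review): only "/" is removed. If the name is later used as a
# filesystem path component, "", "." and ".." would still get through --
# confirm against the caller.
def _clean_folder_name(name):
    return name.replace("/", "")


# Get all folders and authorized users (this is kind of an ugly hack).
# Returns a list of dicts with keys 'id', 'name', 'owner' (the owner's
# username) and 'users' (usernames authorized on the folder), ordered by
# folder name. Runs one extra query per folder.
def get_folders():
    folders = []
    folder_rows = db.query("""
        SELECT DISTINCT d.id, d.name, u.username as owner
        FROM directory d JOIN user u ON d.owner_id = u.id
        ORDER BY d.name
        """)
    for row in folder_rows:
        # Bind the folder id as a query parameter instead of formatting it
        # into the SQL text, so this statement stays safe whatever ends up
        # in the id column.
        user_rows = db.query("""
            SELECT DISTINCT u.username
            FROM user u, directory_user a
            WHERE a.user_id = u.id AND a.directory_id = $did
            ORDER BY u.username
            """, vars={'did': row.id})
        folders.append({
            'id': row.id,
            'name': row.name,
            'owner': row.owner,
            'users': [user.username for user in user_rows],
        })
    return folders


# Add a new folder owned by user id `owner`.
# Returns whatever db.insert returns for the new row, or False when a
# folder with the same stored name already exists.
def add_folder(name, owner):
    # Check uniqueness against the name that is actually stored; checking
    # the raw input would let "a/b" through as a duplicate of "ab".
    stored_name = _clean_folder_name(name)
    existing = db.select('directory', where="name=$name",
                         vars={'name': stored_name})
    if existing:
        # Can't add non-unique folders
        return False
    return db.insert('directory', name=stored_name, owner_id=owner)


# Get folder by ID. The lookup goes through get_single, which indexes the
# first row, so an unknown id raises rather than returning None.
def get_folder(id):
    matches = db.select('directory', where="id=$id", vars={'id': id})
    return get_single(matches)


# Get the ids of all users authorized on a folder (directory_user rows
# only; the folder's owner is not added here).
def get_folder_users(folder_id):
    grants = db.select('directory_user', where="directory_id=$did",
                       vars={'did': folder_id})
    return [grant.user_id for grant in grants]


# Update folder. `update_values` must provide 'id', 'name', 'owner_id' and
# 'users' (an iterable of user ids); the folder's authorization list is
# replaced by 'users'.
# NOTE(review): unlike add_folder, a rename is not checked for name
# uniqueness -- confirm whether callers enforce it.
def update_folder(update_values):
    folder_id = update_values['id']
    # The access list is rebuilt by delete-then-insert. Doing it inside one
    # transaction means a failure part-way through rolls back instead of
    # leaving the folder with a partial authorization list.
    with db.transaction():
        db.update('directory', where="id=$id", vars={'id': folder_id},
                  name=_clean_folder_name(update_values['name']),
                  owner_id=update_values['owner_id'])
        db.delete('directory_user', where="directory_id=$did",
                  vars={'did': folder_id})
        for user_id in update_values['users']:
            db.insert('directory_user', directory_id=folder_id,
                      user_id=user_id)


# Delete folder and associated authorizations (atomically, so a folder is
# never removed while its grants survive).
def delete_folder(id):
    with db.transaction():
        db.delete('directory_user', where="directory_id=$id",
                  vars={'id': id})
        db.delete('directory', where="id=$id", vars={'id': id})


### User methods

# Add a new user (or retrieve existing user with name supplied).
# Returns the new row's id from db.insert, or the id of the existing user.
# When the username already exists the supplied password is ignored: it is
# neither checked nor stored, so callers must not treat a returned id as
# proof that this password belongs to the account.
# NOTE(review): the password is written exactly as received and nothing in
# this module hashes it. Presumably the caller passes a salted password
# hash -- confirm; a plaintext value here would be readable by anyone with
# access to the database file.
def add_user(username, password):
    users = db.select('user', where="username=$username",
                      vars={'username': username})
    if not users:
        return db.insert('user', username=username, password=password)
    return users.list().pop()["id"]


# Get all users (as List if specified; web.py IterBetter otherwise).
# The list form holds (id, username) tuples only. The raw form carries
# every column of the user table, password included, so it should not be
# passed on to templates or API responses unfiltered.
def get_users(as_list=False):
    result = db.select('user')
    if as_list:
        return [(user.id, user.username) for user in result]
    return result


# Get a single user by ID. The row includes the password column; an
# unknown id raises from get_single rather than returning None.
def get_user(id):
    return get_single(db.select('user', where="id=$id", vars={'id': id}))


# Update user's username & password.
# NOTE(review): as in add_user, the password is stored as received --
# confirm that the caller hashes it first.
def update_user(id, username, password):
    db.update('user', where="id=$id", vars={'id': id},
              username=username, password=password)


# Authorize a given user on a folder. Does nothing if the grant exists.
def authorize_user(user_id, folder_id):
    if not is_authorized(user_id, folder_id):
        db.insert('directory_user', directory_id=folder_id, user_id=user_id)


# Delete user with 'id', every associated authorization, and every
# owned folder.
def delete_user(id):
    params = {'id': id}
    with db.transaction():
        # Remove other users' grants on the folders about to be deleted.
        # Left behind, those rows would point at folder ids that no longer
        # exist and could attach to a later folder if the schema allows
        # ids to be reused.
        db.delete('directory_user',
                  where="directory_id IN "
                        "(SELECT id FROM directory WHERE owner_id=$id)",
                  vars=params)
        db.delete('directory_user', where="user_id=$id", vars=params)
        db.delete('directory', where="owner_id=$id", vars=params)
        db.delete('user', where="id=$id", vars=params)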
### Utility methods

# Is this user authorized on this folder?
# True only when a directory_user row links the two ids. Folder ownership
# is not consulted here, so an owner with no such row gets False.
def is_authorized(user_id, folder_id):
    criteria = {'directory_id': folder_id, 'user_id': user_id}
    grants = db.select('directory_user', where=web.db.sqlwhere(criteria))
    return bool(grants)


# Return the first row in a IterBetter result.
# Plain indexing: for list-like inputs an empty result raises IndexError
# instead of returning None, so lookups by id (get_folder, get_user) fail
# loudly on unknown ids.
def get_single(obj):
    first_row = obj[0]
    return first_row