package handler

import (
	"encoding/json"
	"net/http"

	"github.com/drone/drone/server/datastore"
	"github.com/drone/drone/shared/model"
	"github.com/goji/context"
	"github.com/zenazn/goji/web"
)

// GetUsers accepts a request to retrieve all users
// from the datastore and return encoded in JSON format.
//
//     GET /api/users
//
func GetUserList(c web.C, w http.ResponseWriter, r *http.Request) {
	var ctx = context.FromC(c)
	var user = ToUser(c)
	switch {
	case user == nil:
		w.WriteHeader(http.StatusUnauthorized)
		return
	case user.Admin == false:
		w.WriteHeader(http.StatusForbidden)
		return
	}
	users, err := datastore.GetUserList(ctx)
	if err != nil {
		w.WriteHeader(http.StatusInternalServerError)
		return
	}
	json.NewEncoder(w).Encode(users)
}

// GetUser accepts a request to retrieve a user by hostname
// and login from the datastore and return encoded in JSON
// format.
//
//     GET /api/users/:host/:login
//
func GetUser(c web.C, w http.ResponseWriter, r *http.Request) {
	var ctx = context.FromC(c)
	var (
		user  = ToUser(c)
		host  = c.URLParams["host"]
		login = c.URLParams["login"]
	)
	switch {
	case user == nil:
		w.WriteHeader(http.StatusUnauthorized)
		return
	case user.Admin == false:
		w.WriteHeader(http.StatusForbidden)
		return
	}
	user, err := datastore.GetUserLogin(ctx, host, login)
	if err != nil {
		w.WriteHeader(http.StatusNotFound)
		return
	}
	json.NewEncoder(w).Encode(user)
}

// PostUser accepts a request to create a new user in the
// system. The created user account is returned in JSON
// format if successful.
//
//     POST /api/users/:host/:login
//
func PostUser(c web.C, w http.ResponseWriter, r *http.Request) {
	var ctx = context.FromC(c)
	var (
		user  = ToUser(c)
		host  = c.URLParams["host"]
		login = c.URLParams["login"]
	)
	switch {
	case user == nil:
		w.WriteHeader(http.StatusUnauthorized)
		return
	case user.Admin == false:
		w.WriteHeader(http.StatusForbidden)
		return
	}
	account := model.NewUser(host, login, "")
	if err := datastore.PostUser(ctx, account); err != nil {
		w.WriteHeader(http.StatusBadRequest)
		return
	}
	json.NewEncoder(w).Encode(account)
}

// DeleteUser accepts a request to delete the specified
// user account from the system. A successful request will
// respond with an OK 200 status.
//
//     DELETE /api/users/:host/:login
//
func DelUser(c web.C, w http.ResponseWriter, r *http.Request) {
	var ctx = context.FromC(c)
	var (
		user  = ToUser(c)
		host  = c.URLParams["host"]
		login = c.URLParams["login"]
	)
	switch {
	case user == nil:
		w.WriteHeader(http.StatusUnauthorized)
		return
	case user.Admin == false:
		w.WriteHeader(http.StatusForbidden)
		return
	}
	account, err := datastore.GetUserLogin(ctx, host, login)
	if err != nil {
		w.WriteHeader(http.StatusNotFound)
		return
	}
	if account.ID == user.ID {
		w.WriteHeader(http.StatusBadRequest)
		return
	}
	if err := datastore.DelUser(ctx, account); err != nil {
		w.WriteHeader(http.StatusInternalServerError)
		return
	}
	w.WriteHeader(http.StatusOK)
}