@namespace Oqtane.Modules.Controls
@inherits ModuleControlBase
@inject IRoleService RoleService
@inject IUserService UserService
@inject IStringLocalizer<PermissionGrid> Localizer
@inject IStringLocalizer<SharedResources> SharedLocalizer

@if (_permissions != null)
{
<div class="container">
    <div class="row">
        <div class="col">
            <table class="table table-borderless">
                <tbody>
                    <tr>
                        <th scope="col">@Localizer["Role"]</th>
                        @foreach (PermissionString permission in _permissions)
                        {
                            <th style="text-align: center; width: 1px;">@Localizer[permission.PermissionName]</th>
                        }
                    </tr>
                    @foreach (Role role in _roles)
                    {
                        <tr>
                            <td>@role.Name</td>
                            @foreach (PermissionString permission in _permissions)
                            {
                                var p = permission;
                                <td style="text-align: center;">
                                    <TriStateCheckBox Value=@GetPermissionValue(p.Permissions, role.Name) Disabled=@GetPermissionDisabled(role.Name) OnChange="@(e => PermissionChanged(e, p.PermissionName, role.Name))" />
                                </td>
                            }
                        </tr>
                    }
                </tbody>
            </table>
            <br />
        </div>
    </div>
    <div class="row">
        <div class="col">
            @if (_users.Count != 0)
            {
                <div class="row">
                    <div class="col">
                    </div>
                </div>
                <table class="table table-borderless">
                    <thead>
                        <tr>
                            <th scope="col">@Localizer["User"]</th>
                            @foreach (PermissionString permission in _permissions)
                            {
                                <th style="text-align: center; width: 1px;">@Localizer[permission.PermissionName]</th>
                            }
                        </tr>
                    </thead>
                    <tbody>
                        @foreach (User user in _users)
                        {
                            string userid = "[" + user.UserId.ToString() + "]";
                            <tr>
                                <td>@user.DisplayName</td>
                                @foreach (PermissionString permission in _permissions)
                                {
                                    var p = permission;
                                    <td style="text-align: center; width: 1px;">
                                        <TriStateCheckBox Value=@GetPermissionValue(p.Permissions, userid) Disabled=false OnChange="@(e => PermissionChanged(e, p.PermissionName, userid))" />
                                    </td>
                                }
                            </tr>
                        }
                    </tbody>
                </table>
                <br />
            }
        </div>
    </div>
    <div class="row">
        <div class="col">
            <table class="table table-borderless">
                <tbody>
                    <tr>
                        <td class="input-group">
                            <input type="text" name="Username" class="form-control" placeholder="@Localizer["Username.Enter"]" @bind="@_username" />
                            <button type="button" class="btn btn-primary" @onclick="AddUser">@SharedLocalizer["Add"]</button>
                        </td>
                    </tr>
                </tbody>
            </table>
            <br />
        </div>
    </div>
    <div class="row">
        <div class="col">
            <ModuleMessage Type="MessageType.Error" Message="@_message" />
        </div>
    </div>
</div>
}

@code {
    private string _permissionnames = string.Empty;
    private List<Role> _roles;
    private List<PermissionString> _permissions;
    private List<User> _users = new List<User>();
    private string _username = string.Empty;
    private string _message = string.Empty;

    [Parameter]
    public string EntityName { get; set; }

    [Parameter]
    public string PermissionNames { get; set; }

    [Parameter]
    public string Permissions { get; set; }

    protected override async Task OnInitializedAsync()
    {
        if (string.IsNullOrEmpty(PermissionNames))
        {
            _permissionnames = Shared.PermissionNames.View + "," + Shared.PermissionNames.Edit;
        }
        else
        {
            _permissionnames = PermissionNames;
        }

        _roles = await RoleService.GetRolesAsync(ModuleState.SiteId);
        _roles.Insert(0, new Role { Name = RoleNames.Everyone });

        _permissions = new List<PermissionString>();

        foreach (string permissionname in _permissionnames.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries))
        {
            // initialize with admin role
            _permissions.Add(new PermissionString { PermissionName = permissionname, Permissions = RoleNames.Admin });
        }

        if (!string.IsNullOrEmpty(Permissions))
        {
            // populate permissions
            foreach (PermissionString permissionstring in UserSecurity.GetPermissionStrings(Permissions))
            {
                if (_permissions.Find(item => item.PermissionName == permissionstring.PermissionName) != null)
                {
                    _permissions[_permissions.FindIndex(item => item.PermissionName == permissionstring.PermissionName)].Permissions = permissionstring.Permissions;
                }

                if (permissionstring.Permissions.Contains("["))
                {
                    foreach (string user in permissionstring.Permissions.Split(new char[] { '[' }, StringSplitOptions.RemoveEmptyEntries))
                    {
                        if (user.Contains("]"))
                        {
                            var userid = int.Parse(user.Substring(0, user.IndexOf("]")));
                            if (_users.Where(item => item.UserId == userid).FirstOrDefault() == null)
                            {
                                _users.Add(await UserService.GetUserAsync(userid, ModuleState.SiteId));
                            }
                        }
                    }
                }
            }
        }
    }

    private bool? GetPermissionValue(string permissions, string securityKey)
    {
        if ((";" + permissions + ";").Contains(";" + "!" + securityKey + ";"))
        {
            return false; // deny permission
        }
        else
        {
            if ((";" + permissions + ";").Contains(";" + securityKey + ";"))
            {
                return true; // grant permission
            }
            else
            {
                return null; // not specified
            }
        }
    }

    private bool GetPermissionDisabled(string roleName)
        => roleName == RoleNames.Admin
            ? true
            : false;

    private async Task AddUser()
    {
        if (_users.Where(item => item.Username == _username).FirstOrDefault() == null)
        {
            try
            {
                var user = await UserService.GetUserAsync(_username, ModuleState.SiteId);
                if (user != null)
                {
                    _users.Add(user);
                }
            }
            catch
            {
                _message = Localizer["Message.Username.DontExist"];
            }
        }

        _username = string.Empty;
    }

    private void PermissionChanged(bool? value, string permissionName, string securityId)
    {
        var selected = value;
        var permission = _permissions.Find(item => item.PermissionName == permissionName);
        if (permission != null)
        {
            var ids = permission.Permissions.Split(';').ToList();

            ids.Remove(securityId); // remove grant permission
            ids.Remove("!" + securityId); // remove deny permission

            switch (selected)
            {
                case true:
                    ids.Add(securityId); // add grant permission
                    break;
                case false:
                    ids.Add("!" + securityId); // add deny permission
                    break;
                case null:
                    break; // permission not specified
            }

            _permissions[_permissions.FindIndex(item => item.PermissionName == permissionName)].Permissions = string.Join(";", ids.ToArray());
        }
    }

    public string GetPermissions()
    {
        ValidatePermissions();
        return UserSecurity.SetPermissionStrings(_permissions);
    }

    private void ValidatePermissions()
    {
        PermissionString permission;
        for (int i = 0; i < _permissions.Count; i++)
        {
            permission = _permissions[i];
            List<string> ids = permission.Permissions.Split(';').ToList();
            ids.Remove("!" + RoleNames.Everyone); // remove deny all users
            ids.Remove("!" + RoleNames.Registered); // remove deny registered users
            permission.Permissions = string.Join(";", ids.ToArray());
            _permissions[i] = permission;
        }
    }
}