<?php

/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

ob_start();
header('Content-Type: application/json');

require_once __DIR__ . "/../required.php";
require_once __DIR__ . "/../machine.php";
require_once __DIR__ . "/../roles.php";

$VARS;
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $VARS = $_POST;
} else {
    $VARS = $_GET;
}

function sendError($type, $msg = "An error occurred.") {
    $code = 404;
    switch ($type) {
        case "invalidapikey":
            $code = 403;
            $msg = "Invalid API key.  Access denied.";
            break;
        case "nopermission":
            $code = 403;
            $msg = "You don't have permission to do that.";
            break;
        case "nomachineid":
            $code = 400;
            $msg = "No machine ID sent.";
            break;
        case "dberror":
            $code = 500;
            $msg = "The database encountered an error: $msg";
    }
    http_response_code($code);
    die(json_encode([
        "status" => "ERROR",
        "message" => $msg
    ]));
}

if (!$database->has('apikeys', ['key' => $VARS['key']])) {
    sendError("invalidapikey");
}

function dieWithoutRole($roleid) {
    global $VARS;
    $roles = [];
    if (is_array($roleid)) {
        $roles = $roleid;
    } else {
        $roles = [$roleid];
    }
    $hasrole = false;
    foreach ($roles as $r) {
        if (Roles::has($VARS['key'], $r)) {
            $hasrole = true;
        }
    }
    if (!$hasrole) {
        sendError("nopermission");
    }
}

switch ($VARS['action']) {
    /* Get info */
    case "getmachineinfo":
        dieWithoutRole(Roles::ROLE_VIEWBYID);
        if (empty($VARS['id'])) {
            sendError("nomachineid");
        }

        try {
            $machine = new Machine($VARS['id']);
            echo json_encode($machine->getMachineInfo());
        } catch (Exception $e) {
            sendError("", $e->getMessage());
        }
        break;
    case "getmachinehistory":
        dieWithoutRole(Roles::ROLE_VIEWBYID);
        if (empty($VARS['id'])) {
            sendError("nomachineid");
        }

        try {
            $machine = new Machine($VARS['id']);
            echo json_encode($machine->getHistory());
        } catch (Exception $e) {
            sendError("", $e->getMessage());
        }
        break;
    case "getmachinecomponents":
        dieWithoutRole(Roles::ROLE_VIEWBYID);
        if (empty($VARS['id'])) {
            sendError("nomachineid");
        }

        try {
            $machine = new Machine($VARS['id']);
            echo json_encode($machine->getComponents());
        } catch (Exception $e) {
            sendError("", $e->getMessage());
        }
        break;
    case "geteventtypes":
        echo json_encode($database->select('event_types', ['eventid (id)', 'eventname (name)']));
        break;
    case "getcomponenttypes":
        echo json_encode($database->select('component_types', ['typeid (id)', 'typename (name)']));
        break;


    /* Save info */
    case "addmachine":
        dieWithoutRole(Roles::ROLE_ADDEDIT);
        if (empty($VARS['id'])) {
            $VARS['id'] = Machine::generateId();
        }
        if ($database->has('machines', ['machineid' => $VARS['id']])) {
            sendError("", "A machine with that ID already exists.");
        }
        $data = [];
        $data['machineid'] = $VARS['id'];
        if (empty($VARS['notes'])) {
            $data['notes'] = "";
        } else {
            $data['notes'] = $VARS['notes'];
        }
        if (!empty($VARS['model'])) {
            $data['model'] = $VARS['model'];
        }
        if (!empty($VARS['condition'])) {
            if (is_numeric($VARS['condition']) && $VARS['condition'] > 0 && $VARS['condition'] < 10) {
                $data['condition'] = $VARS['condition'] * 1.0;
            } else {
                sendError("", "Machine condition must be a number and 0 < condition < 10.");
            }
        }
        if (!empty($VARS['price'])) {
            if (is_numeric($VARS['price']) && $VARS['price'] > 0 && $VARS['price'] < 10000.0) {
                $data['price'] = $VARS['price'] * 1.0;
            } else {
                sendError("", "Machine price must be a number and 0 < price < 10000.");
            }
        }
        if (!empty($VARS['os'])) {
            $data['os'] = $VARS['os'];
        }
        if (!empty($VARS['serial'])) {
            $data['serial'] = $VARS['serial'];
        }
        if (!empty($VARS['manufacturer'])) {
            $data['manufacturer'] = $VARS['manufacturer'];
        }

        $database->insert('machines', $data);
        if ($database->error()[1] != 0) {
            sendError("dberror", $database->error()[2]);
        }
        exit(json_encode(["status" => "OK", "id" => $data['machineid']]));
        break;
    case "addhistory":
        dieWithoutRole([Roles::ROLE_ADDEDIT, Roles::ROLE_ADDHIST]);
        if (empty($VARS['id'])) {
            sendError("nomachineid");
        }
        try {
            $machine = new Machine($VARS['id']);
            $machine->addHistory($VARS['date'], $VARS['event'], $VARS['notes']);
            exit(json_encode(["status" => "OK"]));
        } catch (Exception $e) {
            sendError("", $e->getMessage());
        }
        break;
    case "addcomponent":
        dieWithoutRole(Roles::ROLE_ADDEDIT);
        if (empty($VARS['id'])) {
            sendError("nomachineid");
        }
        try {
            $machine = new Machine($VARS['id']);
            $machine->addComponent($VARS['serial'], $VARS['type'], $VARS['tested'], $VARS['notes'], $VARS['capacity'], $VARS['model']);
            exit(json_encode(["status" => "OK"]));
        } catch (Exception $e) {
            sendError("", $e->getMessage());
        }
        break;


    case "ping":
        exit(json_encode(['status' => 'OK']));
    case "myroles":
        $roles = $database->select('permissions', ['[>]roles' => 'roleid'], ['roles.roleid (id)', 'rolename (name)'], ['apikey' => $VARS['key']]);
        exit(json_encode(["status" => "OK", "roles" => $roles]));
        break;

    default:
        sendError("", "Invalid action or no action sent.");
}