<?php

/**
 * Invoice Ninja (https://invoiceninja.com).
 *
 * @link https://github.com/invoiceninja/invoiceninja source repository
 *
 * @copyright Copyright (c) 2021. Invoice Ninja LLC (https://invoiceninja.com)
 *
 * @license https://www.elastic.co/licensing/elastic-license
 */

namespace Tests\Feature;

use Tests\TestCase;
use App\Models\User;
use App\Models\Account;
use App\Models\Company;
use App\Libraries\MultiDB;
use App\Utils\TruthSource;
use Tests\MockAccountData;
use App\Models\CompanyUser;
use App\Models\CompanyToken;
use App\DataMapper\CompanySettings;
use App\Factory\CompanyUserFactory;
use App\Repositories\UserRepository;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Support\Facades\Session;
use App\Http\Middleware\PasswordProtection;
use Illuminate\Validation\ValidationException;
use Illuminate\Routing\Middleware\ThrottleRequests;
use Illuminate\Foundation\Testing\DatabaseTransactions;

/**
 *
 *  App\Http\Controllers\UserController
 */
class UserTest extends TestCase
{
    use MockAccountData;

    private $default_email = 'attach@gmail.com';

    public $faker;

    protected function setUp(): void
    {
        parent::setUp();

        $this->faker = \Faker\Factory::create();

        $this->withoutMiddleware(
            ThrottleRequests::class,
            PasswordProtection::class
        );

        // $this->makeTestData();

        // $this->withoutExceptionHandling();

    }

    private function mockAccount()
    {

        $account = Account::factory()->create([
            'hosted_client_count' => 1000,
            'hosted_company_count' => 1000,
        ]);

        $account->num_users = 3;
        $account->save();

        $user = User::factory()->create([
            'account_id' => $account->id,
            'confirmation_code' => 'xyz123',
            'email' => \Illuminate\Support\Str::random(32)."@example.com",
        ]);

        $user->password = \Illuminate\Support\Facades\Hash::make('ALongAndBriliantPassword');
        $user->email_verified_at = now();
        $user->save();

        auth()->login($user, false);

        $settings = CompanySettings::defaults();
        $settings->client_online_payment_notification = false;
        $settings->client_manual_payment_notification = false;

        $company = Company::factory()->create([
            'account_id' => $account->id,
            'settings' => $settings,
        ]);

        // $cu = CompanyUserFactory::create($user->id, $company->id, $account->id);
        // $cu->is_owner = true;
        // $cu->is_admin = true;
        // $cu->is_locked = false;
        // $cu->save();

        $user->companies()->attach($company->id, [
            'account_id' => $account->id,
            'is_owner' => 1,
            'is_admin' => 1,
            'is_locked' => 0,
            'permissions' => '',
            'notifications' => \App\DataMapper\CompanySettings::notificationAdminDefaults(),
            'settings' => null,
        ]);

        $token = \Illuminate\Support\Str::random(64);

        $company_token = new CompanyToken();
        $company_token->user_id = $user->id;
        $company_token->company_id = $company->id;
        $company_token->account_id = $account->id;
        $company_token->name = 'test token';
        $company_token->token = $token;
        $company_token->is_system = true;
        $company_token->save();

        // auth()->user()->setContext($company, $company_token);

        $truth = app()->make(TruthSource::class);

        $truth->setCompanyUser($company_token->cu);
        $truth->setUser($company_token->user);
        $truth->setCompany($company_token->company);
        $truth->setCompanyToken($company_token);

        return $company_token;

    }


    public function testValidEmailUpdate()
    {
        $company_token = $this->mockAccount();
        $user = auth()->user();

        // $user = $company_token->user;
        // $user->load('company_user');
        // nlog($company_token->toArray());

        // $user = User::with('company_user')->find($company_token->user_id);
        // nlog($user->toArray());

        $data = $user->toArray();

        nlog($data);
        $response = $this->withHeaders([
            'X-API-SECRET' => config('ninja.api_secret'),
            'X-API-TOKEN' => $company_token->token,
            'X-API-PASSWORD' => 'ALongAndBriliantPassword',
        ])->putJson('/api/v1/users/'.$user->hashed_id.'?include=company_user', $data);

        $response->assertStatus(200);

        $data['email'] = 'newemail@gmail.com';

        // $response = $this->withHeaders([
        //     'X-API-SECRET' => config('ninja.api_secret'),
        //     'X-API-TOKEN' => $company_token->token,
        //     'X-API-PASSWORD' => 'ALongAndBriliantPassword',
        // ])->putJson('/api/v1/users/'.$user->hashed_id.'?include=company_user', $data);


        // $response->assertStatus(200);

        // $data = $response->json();
        // $this->assertEquals($data['data']['email'], $data['email']);
    }


    public function testNullEmail()
    {

        $company_token = $this->mockAccount();
        // $user = $company_token->user;
        // $user->load('company_user');

        $user = auth()->user();

        $data = $user->toArray();
        $data['email'] = '';
        unset($data['password']);

        $response = $this->withHeaders([
            'X-API-SECRET' => config('ninja.api_secret'),
            'X-API-TOKEN' => $company_token->token,
            'X-API-PASSWORD' => 'ALongAndBriliantPassword',
        ])->putJson('/api/v1/users/'.$user->hashed_id.'?include=company_user', $data);

        $response->assertStatus(422);

        $data = $user->toArray();
        unset($data['password']);

        $response = $this->withHeaders([
            'X-API-SECRET' => config('ninja.api_secret'),
            'X-API-TOKEN' => $company_token->token,
            'X-API-PASSWORD' => 'ALongAndBriliantPassword',
        ])->putJson('/api/v1/users/'.$user->hashed_id.'?include=company_user', $data);

        $response->assertStatus(200);

        $data = $user->toArray();

        $data['email'] = \Illuminate\Support\Str::random(32)."@example.com";
        unset($data['password']);

        $response = $this->withHeaders([
            'X-API-SECRET' => config('ninja.api_secret'),
            'X-API-TOKEN' => $company_token->token,
            'X-API-PASSWORD' => 'ALongAndBriliantPassword',
        ])->putJson('/api/v1/users/'.$user->hashed_id.'?include=company_user', $data);

        $response->assertStatus(200);

        $arr = $response->json();
        $this->assertEquals($arr['data']['email'], $data['email']);
    }


    public function testUserLocale()
    {

        $company_token = $this->mockAccount();

        $user = auth()->user();

        $user->language_id = "13";
        $user->save();

        $this->assertEquals("fr_CA", $user->getLocale());

        $response = $this->withHeaders([
            'X-API-SECRET' => config('ninja.api_secret'),
            'X-API-TOKEN' => $company_token->token,
        ])->get('/api/v1/statics');

        $response->assertStatus(200);

    }


    public function testUserResponse()
    {
        $company_token = $this->mockAccount();

        $_user = MultiDB::hasUser(['email' => 'normal_user@gmail.com']);

        if ($_user) {
            $_user->account->delete();
        }

        $data = [
                'first_name' => 'hey',
                'last_name' => 'you',
                'email' => 'normal_user@gmail.com',
                'company_user' => [
                    'is_admin' => true,
                    'is_owner' => false,
                    'permissions' => 'create_client,create_invoice',
                ],
                'phone' => null,
            ];

        $response = $this->withHeaders([
            'X-API-SECRET' => config('ninja.api_secret'),
            'X-API-TOKEN' => $company_token->token,
            'X-API-PASSWORD' => 'ALongAndBriliantPassword',
        ])->post('/api/v1/users?include=company_user', $data);

        $response->assertStatus(200);

        $user = $response->json();
        $user_id = $user['data']['id'];

        $response = $this->withHeaders([
            'X-API-SECRET' => config('ninja.api_secret'),
            'X-API-TOKEN' => $company_token->token,
            'X-API-PASSWORD' => 'ALongAndBriliantPassword',
        ])->get('/api/v1/users', $data);

        $response->assertStatus(200);
        $arr = $response->json();

        $this->assertCount(2, $arr['data']);

        //archive the user we just created:

        $data = [
            'action' => 'archive',
            'ids' => [$user_id],
        ];

        $response = $this->withHeaders([
            'X-API-SECRET' => config('ninja.api_secret'),
            'X-API-TOKEN' => $company_token->token,
            'X-API-PASSWORD' => 'ALongAndBriliantPassword',
        ])->postJson('/api/v1/users/bulk', $data);

        $response->assertStatus(200);

        $this->assertCount(1, $response->json()['data']);

        $response = $this->withHeaders([
            'X-API-SECRET' => config('ninja.api_secret'),
            'X-API-TOKEN' => $company_token->token,
            'X-API-PASSWORD' => 'ALongAndBriliantPassword',
        ])->get("/api/v1/users?without={$company_token->user->hashed_id}");

        $response->assertStatus(200);
        $this->assertCount(1, $response->json()['data']);

        $response = $this->withHeaders([
            'X-API-SECRET' => config('ninja.api_secret'),
            'X-API-TOKEN' => $company_token->token,
            'X-API-PASSWORD' => 'ALongAndBriliantPassword',
        ])->get("/api/v1/users?status=active&without={$company_token->user->hashed_id}");

        $response->assertStatus(200);
        $this->assertCount(0, $response->json()['data']);

        $response = $this->withHeaders([
            'X-API-SECRET' => config('ninja.api_secret'),
            'X-API-TOKEN' => $company_token->token,
            'X-API-PASSWORD' => 'ALongAndBriliantPassword',
        ])->get("/api/v1/users?status=archived&without={$company_token->user->hashed_id}");

        $response->assertStatus(200);
        $this->assertCount(1, $response->json()['data']);

        $response = $this->withHeaders([
            'X-API-SECRET' => config('ninja.api_secret'),
            'X-API-TOKEN' => $company_token->token,
            'X-API-PASSWORD' => 'ALongAndBriliantPassword',
        ])->get("/api/v1/users?status=deleted&without={$company_token->user->hashed_id}");

        $response->assertStatus(200);
        $this->assertCount(0, $response->json()['data']);


    }

    public function testUserAttemptingtToDeleteThemselves()
    {

        $account = Account::factory()->create([
            'hosted_client_count' => 1000,
            'hosted_company_count' => 1000,
        ]);

        $account->num_users = 3;
        $account->save();

        $user = User::factory()->create([
            'account_id' => $account->id,
            'confirmation_code' => 'xyz123',
            'email' => \Illuminate\Support\Str::random(32)."@example.com",
            'password' => \Illuminate\Support\Facades\Hash::make('ALongAndBriliantPassword'),
        ]);

        $settings = CompanySettings::defaults();
        $settings->client_online_payment_notification = false;
        $settings->client_manual_payment_notification = false;

        $company = Company::factory()->create([
            'account_id' => $account->id,
            'settings' => $settings,
        ]);

        $user->companies()->attach($company->id, [
            'account_id' => $account->id,
            'is_owner' => 1,
            'is_admin' => 1,
            'is_locked' => 0,
            'permissions' => '',
            'notifications' => \App\DataMapper\CompanySettings::notificationAdminDefaults(),
            'settings' => null,
        ]);

        $token = \Illuminate\Support\Str::random(64);

        $company_token = new CompanyToken();
        $company_token->user_id = $user->id;
        $company_token->company_id = $company->id;
        $company_token->account_id = $account->id;
        $company_token->name = 'test token';
        $company_token->token = $token;
        $company_token->is_system = true;
        $company_token->save();

        $data = [
            'ids' => [$user->hashed_id],
        ];

        $response = $this->withHeaders([
            'X-API-SECRET' => config('ninja.api_secret'),
            'X-API-TOKEN' => $token,
            'X-API-PASSWORD' => 'ALongAndBriliantPassword',
        ])->postJson('/api/v1/users/bulk?action=delete', $data);


        $response->assertStatus(401);

    }

    // public function testDisconnectUserOauthMailer()
    // {
    //     $account = Account::factory()->create([
    //         'hosted_client_count' => 1000,
    //         'hosted_company_count' => 1000,
    //     ]);

    //     $user =
    //     User::factory()->create([
    //         'account_id' => $account->id,
    //         'email' => $this->faker->safeEmail(),
    //         'oauth_user_id' => '123456789',
    //         'oauth_provider_id' => '123456789',
    //     ]);

    //     $response = $this->withHeaders([
    //         'X-API-TOKEN' => $this->token,
    //     ])->post("/api/v1/users/{$user->hashed_id}/disconnect_mailer");

    //     $response->assertStatus(200);

    //     $user->fresh();

    //     $this->assertNull($user->oauth_user_token);
    //     $this->assertNull($user->oauth_user_refresh_token);

    // }

    public function testUserFiltersWith()
    {
        $company_token = $this->mockAccount();

        $response = $this->withHeaders([
            'X-API-SECRET' => config('ninja.api_secret'),
            'X-API-TOKEN' => $company_token->token,
            'X-API-PASSWORD' => 'ALongAndBriliantPassword',
        ])->get('/api/v1/users?with='.$company_token->user->hashed_id);

        $response->assertStatus(200);
    }

    public function testUserList()
    {


        $company_token = $this->mockAccount();

        $response = $this->withHeaders([
            'X-API-SECRET' => config('ninja.api_secret'),
            'X-API-TOKEN' => $company_token->token,
            'X-API-PASSWORD' => 'ALongAndBriliantPassword',
        ])->get('/api/v1/users');

        $response->assertStatus(200);
    }

    public function testValidationRulesPhoneIsNull()
    {
        $this->withoutMiddleware(PasswordProtection::class);
        $company_token = $this->mockAccount();

        $_user = MultiDB::hasUser(['email' => 'bob1@good.ole.boys.com']);

        if ($_user) {
            $_user->account->delete();
        }

        $data = [
            'first_name' => 'hey',
            'last_name' => 'you',
            'email' => 'bob1@good.ole.boys.com',
            'company_user' => [
                'is_admin' => false,
                'is_owner' => false,
                'permissions' => 'create_client,create_invoice',
            ],
            'phone' => null,
        ];

        $response = $this->withHeaders([
            'X-API-SECRET' => config('ninja.api_secret'),
            'X-API-TOKEN' => $company_token->token,
            'X-API-PASSWORD' => 'ALongAndBriliantPassword',
        ])->postJson('/api/v1/users?include=company_user', $data);

        $response->assertStatus(200);
    }

    public function testValidationRulesPhoneIsBlankString()
    {
        $this->withoutMiddleware(PasswordProtection::class);

        $_user = MultiDB::hasUser(['email' => 'bob1@good.ole.boys.com']);

        if ($_user) {
            $_user->account->delete();
        }

        $company_token = $this->mockAccount();
        $data = [
            'first_name' => 'hey',
            'last_name' => 'you',
            'email' => 'bob1@good.ole.boys.com',
            'company_user' => [
                'is_admin' => false,
                'is_owner' => false,
                'permissions' => 'create_client,create_invoice',
            ],
            'phone' => "",
        ];

        $response = $this->withHeaders([
            'X-API-SECRET' => config('ninja.api_secret'),
            'X-API-TOKEN' => $company_token->token,
            'X-API-PASSWORD' => 'ALongAndBriliantPassword',
        ])->postJson('/api/v1/users?include=company_user', $data);

        $response->assertStatus(200);

        $arr = $response->json();

        $user_id = $this->decodePrimaryKey($arr['data']['id']);
        $user = User::find($user_id);


        $data = [
            'first_name' => 'hey',
            'last_name' => 'you',
            'email' => 'bob1@good.ole.boys.com',
            'company_user' => [
                'is_admin' => false,
                'is_owner' => false,
                'permissions' => 'create_client,create_invoice',
                'notifications' => '',
            ],
            'phone' => "",
        ];

        $response = $this->withHeaders([
            'X-API-SECRET' => config('ninja.api_secret'),
            'X-API-TOKEN' => $company_token->token,
            'X-API-PASSWORD' => 'ALongAndBriliantPassword',
        ])->putJson('/api/v1/users/'.$user->hashed_id.'?include=company_user', $data);
    }

    public function testUserStore()
    {
        $this->withoutMiddleware(PasswordProtection::class);


        $_user = MultiDB::hasUser(['email' => 'bob1@good.ole.boys.com']);

        if ($_user) {
            $_user->account->delete();
        }

        $company_token = $this->mockAccount();
        $data = [
            'first_name' => 'hey',
            'last_name' => 'you',
            'email' => 'bob1@good.ole.boys.com',
            'company_user' => [
                'is_admin' => false,
                'is_owner' => false,
                'permissions' => 'create_client,create_invoice',
                'notifications' => '',
            ],
        ];

        $response = $this->withHeaders([
            'X-API-SECRET' => config('ninja.api_secret'),
            'X-API-TOKEN' => $company_token->token,
            'X-API-PASSWORD' => 'ALongAndBriliantPassword',
        ])->postJson('/api/v1/users?include=company_user', $data);

        $response->assertStatus(200);

        $arr = $response->json();

        $this->assertNotNull($arr['data']['company_user']);
    }

    public function testUserAttachAndDetach()
    {
        $this->withoutMiddleware(PasswordProtection::class);

        $_user = MultiDB::hasUser(['email' => $this->default_email]);

        if ($_user) {
            $_user->account->delete();
        }

        $company_token = $this->mockAccount();
        $data = [
            'first_name' => 'Test',
            'last_name' => 'Palloni',
            'email' => $this->default_email,
        ];

        $response = false;

        $response = $this->withHeaders([
                'X-API-SECRET' => config('ninja.api_secret'),
                'X-API-TOKEN' => $company_token->token,
                'X-API-PASSWORD' => 'ALongAndBriliantPassword',
            ])->postJson('/api/v1/users?include=company_user', $data);

        $response->assertStatus(200);

        $arr = $response->json();

        $response = $this->withHeaders([
            'X-API-SECRET' => config('ninja.api_secret'),
            'X-API-TOKEN' => $company_token->token,
            'X-API-PASSWORD' => 'ALongAndBriliantPassword',
        ])->delete('/api/v1/users/'.$arr['data']['id'].'/detach_from_company?include=company_user');

        $response->assertStatus(200);

        $user_id = $this->decodePrimaryKey($arr['data']['id']);

        $cu = CompanyUser::whereUserId($user_id)->whereCompanyId($company_token->company->id)->first();
        $ct = CompanyToken::whereUserId($user_id)->whereCompanyId($company_token->company->id)->first();
        $user = User::find($user_id);

        $this->assertNull($cu);
        $this->assertNull($ct);
        $this->assertNotNull($user);
    }

    public function testAttachUserToMultipleCompanies()
    {
        $this->withoutMiddleware(PasswordProtection::class);

        $company_token = $this->mockAccount();

        $_user = MultiDB::hasUser(['email' => $this->default_email]);

        if ($_user) {
            $_user->account->delete();
        }


        $_user = MultiDB::hasUser(['email' => 'bob@good.ole.boys.co2.com']);

        if ($_user) {
            $_user->account->delete();
        }


        /* Create New Company */
        $company2 = Company::factory()->create([
            'account_id' => $company_token->account_id,
        ]);

        $company_token = new CompanyToken();
        $company_token->user_id = auth()->user()->id;
        $company_token->company_id = $company2->id;
        $company_token->account_id = auth()->user()->account_id;
        $company_token->name = 'test token';
        $company_token->token = \Illuminate\Support\Str::random(64);
        $company_token->is_system = true;
        $company_token->save();

        /*Manually link this user to the company*/
        auth()->user()->companies()->attach($company2->id, [
             'account_id' => $company_token->account_id,
             'is_owner' => 1,
             'is_admin' => 1,
             'is_locked' => 0,
             'permissions' => '',
             'notifications' => \App\DataMapper\CompanySettings::notificationAdminDefaults(),
             'settings' => null,
         ]);

        /*Create New Blank User and Attach to Company 2*/
        $data = [
            'first_name' => 'Test',
            'last_name' => 'Palloni',
            'email' => $this->default_email,
        ];

        $response = $this->withHeaders([
            'X-API-SECRET' => config('ninja.api_secret'),
            'X-API-TOKEN' => $company_token->token,
        ])->postJson('/api/v1/users?include=company_user', $data);

        $response->assertStatus(200);

        // $this->assertNotNull($new_user->company_user);
        // $this->assertEquals($new_user->company_user->company_id, $company2->id);

        /*Create brand new user manually with company_user object and attach to a different company*/
        $data = [
            'first_name' => 'hey',
            'last_name' => 'you',
            'email' => 'bob@good.ole.boys.co2.com',
            'company_user' => [
                'is_admin' => false,
                'is_owner' => false,
                'permissions' => 'create_client,create_invoice',
            ],
        ];

        $response = $this->withHeaders([
            'X-API-SECRET' => config('ninja.api_secret'),
            'X-API-TOKEN' => $company_token->token,
        ])->postJson('/api/v1/users?include=company_user', $data);

        $response->assertStatus(200);

        $arr = $response->json();

        $this->assertNotNull($arr['data']['company_user']);
        $this->assertFalse($arr['data']['company_user']['is_admin']);
        $this->assertFalse($arr['data']['company_user']['is_owner']);
        $this->assertEquals($arr['data']['company_user']['permissions'], 'create_client,create_invoice');

        $user = User::whereEmail('bob@good.ole.boys.co2.com')->first();

        $this->assertNotNull($user);

        $cu = CompanyUser::whereUserId($user->id)->whereCompanyId($company2->id)->first();

        $this->assertNotNull($cu);

        /*Update the user permissions of this user*/
        $data = [
            'first_name' => 'Captain',
            'last_name' => 'Morgain',
            'email' => 'bob@good.ole.boys.co2.com',
            'company_user' => [
                'is_admin' => true,
                'is_owner' => false,
                'permissions' => 'create_invoice,create_invoice',
            ],
        ];

        $response = $this->withHeaders([
            'X-API-SECRET' => config('ninja.api_secret'),
            'X-API-TOKEN' => $company_token->token,
            'X-API-PASSWORD' => 'ALongAndBriliantPassword',
        ])->putJson('/api/v1/users/'.$this->encodePrimaryKey($user->id).'?include=company_user', $data);

        $response->assertStatus(200);

        $arr = $response->json();

        $this->assertNotNull($arr['data']['company_user']);
        $this->assertTrue($arr['data']['company_user']['is_admin']);
        $this->assertFalse($arr['data']['company_user']['is_owner']);
        $this->assertEquals($arr['data']['company_user']['permissions'], 'create_invoice,create_invoice');
    }
}