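using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using Microsoft.AspNet.Identity;
using System.Security.Principal;
using EnVisage.Code.Cache;
using EnVisage.Models.Cache;

namespace EnVisage.Code
{
    /// <summary>
    /// Authorization checks for the user of the current HTTP request: access to
    /// security areas, to projects, and to scenarios (decided through the scenario's
    /// parent project). Grants are read from the per-principal caches, first for the
    /// user itself and then for the user's roles. Every check fails closed: a missing
    /// request context, an identity id that is not a GUID, or a user absent from the
    /// user cache yields <c>false</c> instead of an exception.
    /// </summary>
    /// Created by SA
    public class SecurityManager
    {
        /// <summary>
        /// Returns the current user's principal id (GUID).
        /// </summary>
        /// <returns>The identity id of the current request's user parsed as a <see cref="Guid"/>.</returns>
        /// <exception cref="FormatException">The identity id is not in a GUID format.</exception>
        /// <exception cref="ArgumentNullException">The identity carries no id.</exception>
        /// <remarks>
        /// Unlike the permission checks below, this accessor throws on a missing or
        /// malformed id and dereferences <see cref="HttpContext.Current"/> without a null
        /// check; that contract is kept for existing callers.
        /// </remarks>
        public static Guid GetUserPrincipal()
        {
            string userIdAsText = HttpContext.Current.User.Identity.GetID();
            return new Guid(userIdAsText);
        }

        /// <summary>
        /// Reads the current request's identity id and parses it as a GUID.
        /// </summary>
        /// <param name="principalId">The parsed id, or <see cref="Guid.Empty"/> on failure.</param>
        /// <returns>
        /// <c>false</c> when there is no request context, no identity id, the id is not a
        /// GUID, or the id is <see cref="Guid.Empty"/>; <c>true</c> otherwise.
        /// </returns>
        private static bool TryGetCurrentPrincipalId(out Guid principalId)
        {
            principalId = Guid.Empty;

            // HttpContext.Current is null outside a request (background work, tests);
            // treat that as "no principal" rather than throwing NullReferenceException.
            HttpContext context = HttpContext.Current;
            if (context == null || context.User == null || context.User.Identity == null)
            {
                return false;
            }

            // Guid.TryParse accepts the same formats as the Guid(string) constructor
            // and returns false for null, so a non-GUID id denies instead of throwing.
            string idText = context.User.Identity.GetID();
            return Guid.TryParse(idText, out principalId) && principalId != Guid.Empty;
        }

        /// <summary>
        /// Decides whether a set of cache entries satisfies the requested access level:
        /// Write requires an explicit write grant, Read is satisfied by a read or a
        /// write grant, and any other level is denied.
        /// </summary>
        /// <param name="type">The requested access level.</param>
        /// <param name="anyWrite">Whether at least one entry has <c>Write == 1</c>.</param>
        /// <param name="anyRead">Whether at least one entry has <c>Read == 1</c>.</param>
        /// <returns><c>true</c> when the entries grant the requested level.</returns>
        private static bool IsGranted(AccessLevel type, bool anyWrite, bool anyRead)
        {
            if (type == AccessLevel.Write)
            {
                return anyWrite;
            }
            if (type == AccessLevel.Read)
            {
                return anyRead || anyWrite;
            }
            return false;
        }

        /// <summary>
        /// Returns true if the passed area may be accessed by the current user with the
        /// desired type of access.
        /// </summary>
        /// <param name="area">The security area to check.</param>
        /// <param name="type">The requested access level.</param>
        /// <returns><c>true</c> when access is granted; <c>false</c> otherwise, including on any failure.</returns>
        public static bool CheckSecurityObjectPermission(Areas area, AccessLevel type)
        {
            try
            {
                return CheckAnySecurityObjectPermission(new List<Areas> { area }, type);
            }
            catch (Exception)
            {
                // Fail closed: an error during the lookup is reported as "not permitted".
                // The exception is deliberately not propagated (existing contract for callers).
                return false;
            }
        }

        /// <summary>
        /// Returns true if any of the passed areas may be accessed by the current user
        /// with the desired type of access. Entries granted directly to the user are
        /// consulted first; the user's roles are consulted only when the user has no
        /// direct entry for any of the areas.
        /// </summary>
        /// <param name="areas">The security areas to check; null or empty denies.</param>
        /// <param name="type">The requested access level.</param>
        /// <returns><c>true</c> when access is granted; <c>false</c> otherwise.</returns>
        public static bool CheckAnySecurityObjectPermission(List<Areas> areas, AccessLevel type)
        {
            if (areas == null || areas.Count == 0)
            {
                return false;
            }

            Guid principalId;
            if (!TryGetCurrentPrincipalId(out principalId))
            {
                return false;
            }

            // Cache entries store the area by its enum name; match it with the same
            // ordinal equality the string == operator uses.
            HashSet<string> areaNames = new HashSet<string>(areas.Select(a => a.ToString()), StringComparer.Ordinal);

            SecurityAreasCache securityAreaCache = new SecurityAreasCache();
            var cachedEntries = securityAreaCache.Value;

            // 1. Entries granted directly to the user.
            var direct = cachedEntries
                .Where(x => x.PrincipalId == principalId && areaNames.Contains(x.SecurityObject))
                .ToList();
            if (direct.Count > 0)
            {
                // A direct entry decides on its own: roles are NOT consulted even when the
                // entry grants nothing (existing behavior, kept; note that
                // CheckProjectPermission falls through to roles instead).
                return IsGranted(type, direct.Any(x => x.Write == 1), direct.Any(x => x.Read == 1));
            }

            // 2. Entries granted to any of the user's roles. A user missing from the
            // cache is denied instead of dereferencing a null lookup result.
            var user = new UsersCache().Value.FirstOrDefault(x => x.Id == principalId);
            if (user == null || user.Roles == null)
            {
                return false;
            }

            var viaRoles = user.Roles
                .SelectMany(role => cachedEntries.Where(x => x.PrincipalId == role && areaNames.Contains(x.SecurityObject)))
                .ToList();
            return IsGranted(type, viaRoles.Any(x => x.Write == 1), viaRoles.Any(x => x.Read == 1));
        }

        /// <summary>
        /// Returns true if the project may be accessed by the current user with the
        /// desired type of access. A direct grant to the user wins; otherwise the grants
        /// of the user's roles are combined.
        /// </summary>
        /// <param name="ProjectId">The project to check; <see cref="Guid.Empty"/> denies.</param>
        /// <param name="Type">The requested access level.</param>
        /// <returns><c>true</c> when access is granted; <c>false</c> otherwise.</returns>
        public static bool CheckProjectPermission(Guid ProjectId, AccessLevel Type)
        {
            // A Guid can never be null; the meaningful "missing id" value is Guid.Empty.
            if (ProjectId == Guid.Empty)
            {
                return false;
            }

            Guid principalId;
            if (!TryGetCurrentPrincipalId(out principalId))
            {
                return false;
            }

            ProjectAccessCache projectAccessCache = new ProjectAccessCache();
            var cachedAccess = projectAccessCache.Value;

            // 1. Direct entry for the user. It can only grant; a non-granting direct
            // entry still falls through to the role check (existing behavior, kept).
            var projectAccess = cachedAccess.FirstOrDefault(x => x.PrincipalId == principalId && x.ProjectId == ProjectId);
            if (projectAccess != null && IsGranted(Type, projectAccess.Write == 1, projectAccess.Read == 1))
            {
                return true;
            }

            // 2. Entries granted to any of the user's roles; only entries that grant
            // something are collected. A user missing from the cache is denied.
            var user = new UsersCache().Value.FirstOrDefault(x => x.Id == principalId);
            if (user == null || user.Roles == null)
            {
                return false;
            }

            var viaRoles = user.Roles
                .SelectMany(role => cachedAccess.Where(x => x.PrincipalId == role
                                                         && x.ProjectId == ProjectId
                                                         && (x.Read == 1 || x.Write == 1)))
                .ToList();
            return IsGranted(Type, viaRoles.Any(x => x.Write == 1), viaRoles.Any(x => x.Read == 1));
        }

        /// <summary>
        /// Returns true if the scenario may be accessed by the current user with the
        /// desired type of access. Access is decided by the scenario's parent project;
        /// an unknown scenario or one without a parent is denied.
        /// </summary>
        /// <param name="ScenarioId">The scenario to check.</param>
        /// <param name="Type">The requested access level.</param>
        /// <returns><c>true</c> when access to the parent project is granted; <c>false</c> otherwise.</returns>
        public static bool CheckScenarioPermission(Guid ScenarioId, AccessLevel Type)
        {
            // The context is disposed once the parent lookup is done; the original
            // never released it.
            using (EnVisageEntities dbContext = new EnVisageEntities())
            {
                Scenario scenario = dbContext.Scenarios.FirstOrDefault(x => x.Id.Equals(ScenarioId));
                if (scenario == null || !scenario.ParentId.HasValue)
                {
                    return false;
                }
                return CheckProjectPermission(scenario.ParentId.Value, Type);
            }
        }
    }
}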