using System.Linq;
using Microsoft.SharePoint;

namespace CondoUpdate.SetPermissionsForDomusPage
{
    public static class SecurityHelper
    {
        public static void AddUserToGroup(SPWeb web, string loginName, string email, string name, string groupName)
        {
            // don't need to add user in group second time
            if (IsUserInGroup(web, loginName, groupName))
            {
                return;
            }

            if (!containsUser(web, loginName))
            {
                web.EnsureUser(loginName);
            }
            var group = web.SiteGroups[groupName];
            group.AddUser(loginName, email, name, string.Empty);
        }

        public static bool IsUserInGroup(SPWeb web, string loginName, string groupName)
        {
            var group = web.SiteGroups[groupName];
            return group.Users.Cast<SPUser>().Any(u => string.Compare(u.LoginName, loginName, true) == 0);
        }

        public static void CreateUser(SPWeb web, string loginName, string email, string name)
        {
            if (!containsUser(web, loginName))
            {
                try
                {
                    var user = web.EnsureUser(loginName);
                    user.Email = email;
                    user.Update();
                }
                catch (SPException)
                {
                    // EnsureUser can fail on one of WFEs because of some reason.
                    // To avoid this error add user manually
                    //string name = getUserName(loginName);
                    if (!string.IsNullOrEmpty(name))
                    {
                        web.AllUsers.Add(loginName, email, name, "");
                    }
                }
            }
        }

        public static bool containsUser(SPWeb web, string loginName)
        {
            return web.AllUsers.Cast<SPUser>().Any(u => string.Compare(u.LoginName, loginName, true) == 0);
        }

        //        private static string getUserName(string loginName)
        //        {
        //            if (string.IsNullOrEmpty(loginName))
        //            {
        //                return string.Empty;
        //            }
        //            if (loginName.Contains("\\"))
        //            {
        //                return string.Empty;
        //            }
        //            string name = loginName.Substring(loginName.LastIndexOf("\\"));
        //            return name;
        //        }

        public static SPGroup EnsureSiteGroup(SPWeb web, string groupName)
        {
            if (!isGroupExist(web, groupName))
            {
                web.SiteGroups.Add(groupName, web.SiteAdministrators[0], null, string.Empty);
            }

            return web.SiteGroups[groupName];
        }

        private static bool isGroupExist(SPWeb web, string groupName)
        {
            return web.SiteGroups.Cast<SPGroup>().Any(g => string.Compare(g.Name, groupName, true) == 0);
        }

        public static void AssignGroupRoleToSecurableObject(SPWeb web, ISecurableObject securableObject,
            SPRoleType roleType, SPGroup group)
        {
            SPRoleDefinition roleDefinition = web.RoleDefinitions.GetByType(roleType);
            AssignGroupRoleToSecurableObject(web, securableObject, roleDefinition, group, true);
        }

        public static void AssignGroupRoleToSecurableObject(SPWeb web, ISecurableObject securableObject,
            SPRoleType roleType, SPGroup group, bool copyRoleAssignment)
        {
            SPRoleDefinition roleDefinition = web.RoleDefinitions.GetByType(roleType);
            AssignGroupRoleToSecurableObject(web, securableObject, roleDefinition, group, copyRoleAssignment);
        }

        public static void AssignGroupRoleToSecurableObject(SPWeb web, ISecurableObject securableObject,
            SPRoleDefinition roleDefinition, SPGroup group, bool copyRoleAssignment)
        {
            SPRoleAssignment roleAssignment = new SPRoleAssignment(group);
            AssignRoleToSecurableObject(web, securableObject, roleDefinition, roleAssignment, copyRoleAssignment);
        }

        public static void AssignGroupRoleToSecurableObject(SPWeb web, ISecurableObject securableObject,
            SPRoleDefinition roleDefinition, SPGroup group)
        {
            SPRoleAssignment roleAssignment = new SPRoleAssignment(group);
            AssignRoleToSecurableObject(web, securableObject, roleDefinition, roleAssignment, true);
        }

        public static void AssignUserRoleToSecurableObject(SPWeb web, ISecurableObject securableObject,
            SPRoleType roleType, SPUser user)
        {
            SPRoleAssignment roleAssignment = new SPRoleAssignment(user);
            SPRoleDefinition roleDefinition = web.RoleDefinitions.GetByType(roleType);
            AssignRoleToSecurableObject(web, securableObject, roleDefinition, roleAssignment, true);
        }

        public static void AssignRoleToSecurableObject(SPWeb web, ISecurableObject securableObject, SPRoleDefinition roleDefinition, SPRoleAssignment roleAssignment,
            bool copyRoleAssignment)
        {
            roleAssignment.RoleDefinitionBindings.Add(roleDefinition);
            if (!securableObject.HasUniqueRoleAssignments)
            {
                securableObject.BreakRoleInheritance(copyRoleAssignment);
                // 2013-01-22 apetuhov: BreakRoleInheritance causes reset of AllowUnsafeUpdates to false.
                // See http://hristopavlov.wordpress.com/2008/05/16/what-you-need-to-know-about-allowunsafeupdates/
                if (web != null && !web.AllowUnsafeUpdates)
                {
                    web.AllowUnsafeUpdates = true;
                }
                if (securableObject is SPWeb)
                {
                    var secureWeb = securableObject as SPWeb;
                    if (!secureWeb.AllowUnsafeUpdates)
                    {
                        secureWeb.AllowUnsafeUpdates = true;
                    }
                }
            }
            securableObject.RoleAssignments.Add(roleAssignment);
        }
    }
}