<?php
/*
	FusionPBX
	Version: MPL 1.1

	The contents of this file are subject to the Mozilla Public License Version
	1.1 (the "License"); you may not use this file except in compliance with
	the License. You may obtain a copy of the License at
	http://www.mozilla.org/MPL/

	Software distributed under the License is distributed on an "AS IS" basis,
	WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
	for the specific language governing rights and limitations under the
	License.

	The Original Code is FusionPBX

	The Initial Developer of the Original Code is
	Mark J Crane <markjcrane@fusionpbx.com>
	Portions created by the Initial Developer are Copyright (C) 2019-2025
	the Initial Developer. All Rights Reserved.

	Contributor(s):
	Mark J Crane <markjcrane@fusionpbx.com>
*/

/**
 * users class
 */
class users {

	/**
	 * declare constant variables
	 */
	const app_name = 'users';
	const app_uuid = '112124b3-95c2-5352-7e9d-d14c0b88f207';

	/**
	 * Set in the constructor. Must be a database object and cannot be null.
	 *
	 * @var database Database Object
	 */
	private $database;

	/**
	 * Settings object set in the constructor. Must be a settings object and cannot be null.
	 *
	 * @var settings Settings Object
	 */
	private $settings;

	/**
	 * Domain UUID set in the constructor. This can be passed in through the $settings_array associative array or set
	 * in the session global array
	 *
	 * @var string
	 */
	private $domain_uuid;

	/**
	 * declare the variables
	 */
	private $name;
	private $table;
	private $toggle_field;
	private $toggle_values;
	private $location;

	/**
	 * Constructor for the class.
	 *
	 * This method initializes the object with setting_array and session data.
	 *
	 * @param array $setting_array An optional array of settings to override default values. Defaults to [].
	 */
	public function __construct(array $setting_array = []) {
		//set domain and user UUIDs
		$this->domain_uuid = $setting_array['domain_uuid'] ?? $_SESSION['domain_uuid'] ?? '';

		//set objects
		$this->database = $setting_array['database'] ?? database::new();

		//assign the variables
		$this->name          = 'user';
		$this->table         = 'users';
		$this->toggle_field  = 'user_enabled';
		$this->toggle_values = ['true', 'false'];
		$this->location      = 'users.php';
	}

	/**
	 * Deletes one or multiple records.
	 *
	 * @param array $records An array of record IDs to delete, where each ID is an associative array
	 *                       containing 'uuid' and 'checked' keys. The 'checked' value indicates
	 *                       whether the corresponding checkbox was checked for deletion.
	 *
	 * @return void No return value; this method modifies the database state and sets a message.
	 */
	public function delete($records) {
		if (permission_exists($this->name . '_delete')) {

			//add multi-lingual support
			$language = new text;
			$text     = $language->get();

			//validate the token
			$token = new token;
			if (!$token->validate($_SERVER['PHP_SELF'])) {
				message::add($text['message-invalid_token'], 'negative');
				header('Location: ' . $this->location);
				exit;
			}

			//delete multiple records
			if (is_array($records) && @sizeof($records) != 0) {
				//build the delete array
				$x = 0;
				foreach ($records as $record) {
					//add to the array
					if (!empty($record['checked']) && $record['checked'] == 'true' && is_uuid($record['uuid'])) {
						//get the user_uuid
						$user_uuid = $record['uuid'];

						//get the user's domain from v_users
						if (permission_exists('user_domain')) {
							$sql                     = "select domain_uuid from v_users ";
							$sql                     .= "where user_uuid = :user_uuid ";
							$parameters['user_uuid'] = $user_uuid;
							$domain_uuid             = $this->database->select($sql, $parameters, 'column');
							unset($sql, $parameters);
						} else {
							$domain_uuid = $this->domain_uuid;
						}

						//required to be a superadmin to delete a member of the superadmin group
						$superadmin_list = superadmin_list();
						if (if_superadmin($superadmin_list, $user_uuid)) {
							if (!if_group("superadmin")) {
								//access denied - do not delete the user
								header("Location: index.php");
								return;
							}
						}

						//delete the user settings
						$array['user_settings'][$x]['user_uuid']   = $user_uuid;
						$array['user_settings'][$x]['domain_uuid'] = $domain_uuid;

						//delete the groups the user is assigned to
						$array['user_groups'][$x]['user_uuid']   = $user_uuid;
						$array['user_groups'][$x]['domain_uuid'] = $domain_uuid;

						//delete the user
						$array['users'][$x]['user_uuid']   = $user_uuid;
						$array['users'][$x]['domain_uuid'] = $domain_uuid;

						//increment the id
						$x++;
					}
				}

				//delete the checked rows
				if (is_array($array) && @sizeof($array) != 0) {
					//execute
					$p = permissions::new();
					$p->add('user_setting_delete', 'temp');
					$p->add('user_group_delete', 'temp');

					//execute delete
					$this->database->delete($array);
					unset($array);

					$p->delete('user_setting_delete', 'temp');
					$p->delete('user_group_delete', 'temp');

					//set message
					message::add($text['message-delete']);
				}
				unset($records);
			}
		}
	}

	/**
	 * Toggles the state of one or more records.
	 *
	 * @param array $records  An array of record IDs to delete, where each ID is an associative array
	 *                        containing 'uuid' and 'checked' keys. The 'checked' value indicates
	 *                        whether the corresponding checkbox was checked for deletion.
	 *
	 * @return void No return value; this method modifies the database state and sets a message.
	 */
	public function toggle($records) {
		if (permission_exists($this->name . '_edit')) {

			//add multi-lingual support
			$language = new text;
			$text     = $language->get();

			//validate the token
			$token = new token;
			if (!$token->validate($_SERVER['PHP_SELF'])) {
				message::add($text['message-invalid_token'], 'negative');
				header('Location: ' . $this->location);
				exit;
			}

			//toggle the checked records
			if (is_array($records) && @sizeof($records) != 0) {
				//get current toggle state
				foreach ($records as $record) {
					if (!empty($record['checked']) && $record['checked'] == 'true' && is_uuid($record['uuid'])) {
						$uuids[] = "'" . $record['uuid'] . "'";
					}
				}
				if (is_array($uuids) && @sizeof($uuids) != 0) {
					$sql  = "select " . $this->name . "_uuid as uuid, " . $this->toggle_field . " as toggle from v_" . $this->table . " ";
					$sql  .= "where " . $this->name . "_uuid in (" . implode(', ', $uuids) . ") ";
					$rows = $this->database->select($sql, $parameters ?? null, 'all');
					if (is_array($rows) && @sizeof($rows) != 0) {
						foreach ($rows as $row) {
							$states[$row['uuid']] = $row['toggle'];
						}
					}
					unset($sql, $parameters, $rows, $row);
				}

				//build update array
				$x = 0;
				foreach ($states as $uuid => $state) {
					//create the array
					$array[$this->table][$x][$this->name . '_uuid'] = $uuid;
					$array[$this->table][$x][$this->toggle_field]   = $state == $this->toggle_values[0] ? $this->toggle_values[1] : $this->toggle_values[0];

					//increment the id
					$x++;
				}

				//save the changes
				if (is_array($array) && @sizeof($array) != 0) {
					//save the array

					$this->database->save($array);
					unset($array);

					//set message
					message::add($text['message-toggle']);
				}
				unset($records, $states);
			}
		}
	}

	/**
	 * Copies one or more records
	 *
	 * @param array $records  An array of record IDs to delete, where each ID is an associative array
	 *                        containing 'uuid' and 'checked' keys. The 'checked' value indicates
	 *                        whether the corresponding checkbox was checked for deletion.
	 *
	 * @return void No return value; this method modifies the database state and sets a message.
	 */
	public function copy($records) {
		if (permission_exists($this->name . '_add')) {

			//add multi-lingual support
			$language = new text;
			$text     = $language->get();

			//validate the token
			$token = new token;
			if (!$token->validate($_SERVER['PHP_SELF'])) {
				message::add($text['message-invalid_token'], 'negative');
				header('Location: ' . $this->location);
				exit;
			}

			//copy the checked records
			if (!empty($records) && is_array($records) && @sizeof($records) != 0) {

				//get checked records
				foreach ($records as $record) {
					if (!empty($record['checked']) && $record['checked'] == 'true' && is_uuid($record['uuid'])) {
						$uuids[] = "'" . $record['uuid'] . "'";
					}
				}

				//create the array from existing data
				if (!empty($uuids) && is_array($uuids) && @sizeof($uuids) != 0) {
					$sql  = "select * from v_" . $this->table . " ";
					$sql  .= "where " . $this->name . "_uuid in (" . implode(', ', $uuids) . ") ";
					$rows = $this->database->select($sql, $parameters ?? null, 'all');
					if (is_array($rows) && @sizeof($rows) != 0) {
						$x = 0;
						foreach ($rows as $row) {
							//convert boolean values to a string
							foreach ($row as $key => $value) {
								if (gettype($value) == 'boolean') {
									$value     = $value ? 'true' : 'false';
									$row[$key] = $value;
								}
							}

							//copy data
							$array[$this->table][$x] = $row;

							//add copy to the description
							$array[$this->table][$x][$this->name . '_uuid'] = uuid();
							$array[$this->table][$x]['username']            = $row['username'] . '-' . $text['label-copy'];

							//increment the id
							$x++;
						}
					}
					unset($sql, $parameters, $rows, $row);
				}

				//save the changes and set the message
				if (!empty($array) && is_array($array) && @sizeof($array) != 0) {
					//save the array
					$this->database->save($array);
					unset($array);

					//set message
					message::add($text['message-copy']);
				}
				unset($records);
			}
		}
	}

	/**
	 * Remove old user log entries. Called the maintenance service application.
	 *
	 * @param settings $settings
	 *
	 * @return void
	 */
	public static function database_maintenance(settings $settings): void {
		$database = $settings->database();
		$domains  = maintenance_service::get_domains($database);
		foreach ($domains as $domain_uuid => $domain_name) {
			$domain_settings = new settings(['database' => $database, 'domain_uuid' => $domain_uuid]);
			$retention_days  = $domain_settings->get('users', 'database_retention_days', '');
			if (!empty($retention_days) && is_numeric($retention_days)) {
				$sql = "delete from v_user_logs where timestamp < NOW() - INTERVAL '$retention_days days'";
				$sql .= " and domain_uuid = '$domain_uuid'";
				$database->execute($sql);
				$code = $database->message['code'] ?? 0;
				if ($code == 200) {
					maintenance_service::log_write(self::class, "Successfully removed entries older than $retention_days", $domain_uuid);
				} else {
					$message = $database->message['message'] ?? "An unknown error has occurred";
					maintenance_service::log_write(self::class, "Unable to remove old database records. Error message: $message ($code)", $domain_uuid, maintenance_service::LOG_ERROR);
				}
			} else {
				maintenance_service::log_write(self::class, "Database retention days not set or not numeric", $domain_uuid);
			}
		}
	}
}