const OError = require('@overleaf/o-error')
const { User } = require('../../models/User')
const { callbackify } = require('util')

const MAX_AUDIT_LOG_ENTRIES = 200

function _canHaveNoInitiatorId(operation, info) {
  if (operation === 'reset-password') return true
  if (operation === 'unlink-sso' && info.providerId === 'collabratec')
    return true
}

/**
 * Add an audit log entry
 *
 * The entry should include at least the following fields:
 *
 * - userId: the user on behalf of whom the operation was performed
 * - operation: a string identifying the type of operation
 * - initiatorId: who performed the operation
 * - ipAddress: the IP address of the initiator
 * - info: an object detailing what happened
 */
async function addEntry(userId, operation, initiatorId, ipAddress, info = {}) {
  if (!operation || !ipAddress)
    throw new OError('missing required audit log data', {
      operation,
      initiatorId,
      ipAddress,
    })

  if (!initiatorId && !_canHaveNoInitiatorId(operation, info)) {
    throw new OError('missing initiatorId for audit log', {
      operation,
      ipAddress,
    })
  }

  const timestamp = new Date()
  const entry = {
    operation,
    initiatorId,
    info,
    ipAddress,
    timestamp,
  }
  const result = await User.updateOne(
    { _id: userId },
    {
      $push: {
        auditLog: { $each: [entry], $slice: -MAX_AUDIT_LOG_ENTRIES },
      },
    }
  ).exec()
  if (result.nModified === 0) {
    throw new OError('user not found', { userId })
  }
}

const UserAuditLogHandler = {
  addEntry: callbackify(addEntry),
  promises: {
    addEntry,
  },
}

module.exports = UserAuditLogHandler