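ProjectController = require "../Project/ProjectController"
AuthenticationController = require '../Authentication/AuthenticationController'
TokenAccessHandler = require './TokenAccessHandler'
Errors = require '../Errors/Errors'
logger = require 'logger-sharelatex'
settings = require 'settings-sharelatex'

# Express route handlers for token-based project access. Each public handler
# resolves the token in `req.params` to a project, grants the caller access to
# it (session-scoped for anonymous users, persisted via TokenAccessHandler for
# logged-in users) and then hands off to the regular editor loader.
#
# NOTE(review): the tokens handled here are bearer credentials, and every
# logger.log/logger.err call below writes the raw token into the log line.
# Anyone with log access can therefore reuse the token; consider redacting or
# truncating it in the log context once the log consumers have been checked.
module.exports = TokenAccessController =

	# Loads the editor for `projectId` by rewriting `req.params.Project_id`
	# (the parameter name ProjectController.loadEditor reads) and delegating.
	# `projectId` may be an ObjectId; it is always stringified first.
	_loadEditor: (projectId, req, res, next) ->
		req.params.Project_id = projectId.toString()
		return ProjectController.loadEditor(req, res, next)

	# Fallback used when a token did not resolve directly to a project for
	# this user. Asks TokenAccessHandler whether `userId` already has some
	# higher (non-token) access to the project the token belongs to.
	#
	# Callback outcomes:
	#   - err                 -> passed to next()
	#   - projectExists false -> redirect to the configured v1 host (see below)
	#   - project null        -> 404 via Errors.NotFoundError
	#   - project found       -> 302 redirect to the project's normal URL
	_tryHigherAccess: (token, userId, req, res, next) ->
		TokenAccessHandler.findProjectWithHigherAccess token, userId, (err, project, projectExists) ->
			if err?
				logger.err {err, token, userId}, "[TokenAccess] error finding project with higher access"
				return next(err)
			if !projectExists
				logger.log {token, userId}, "[TokenAccess] no project found for this token"
				# Project does not exist, but may be unimported - try it on v1.
				# The redirect host comes from settings, not from the request;
				# only the path and query string (req.url) are caller-controlled.
				return res.redirect(settings.overleaf.host + req.url)
			if !project?
				logger.log {token, userId}, "[TokenAccess] no project with higher access found for this user and token"
				return next(new Errors.NotFoundError())
			logger.log {token, userId, projectId: project._id}, "[TokenAccess] user has higher access to project, redirecting"
			res.redirect(302, "/project/#{project._id}")

	# GET handler for a read-and-write token (`req.params.read_and_write_token`).
	#
	# Logged-in users are added to the project as read-and-write collaborators
	# (owners are let straight through). Anonymous users are only admitted when
	# TokenAccessHandler.ANONYMOUS_READ_AND_WRITE_ENABLED is set; otherwise the
	# requested URL is stashed in the session and they are sent to /restricted.
	# Errors go to next(); an unknown token yields NotFoundError.
	readAndWriteToken: (req, res, next) ->
		userId = AuthenticationController.getLoggedInUserId(req)
		token = req.params['read_and_write_token']
		logger.log {userId, token}, "[TokenAccess] requesting read-and-write token access"
		TokenAccessHandler.findProjectWithReadAndWriteToken token, (err, project) ->
			if err?
				logger.err {err, token, userId}, "[TokenAccess] error getting project by readAndWrite token"
				return next(err)
			if !project?
				logger.log {token, userId}, "[TokenAccess] no token-based project found for readAndWrite token"
				if !userId?
					logger.log {token}, "[TokenAccess] No project found with read-write token, anonymous user, deny"
					return next(new Errors.NotFoundError())
				# Must return here: the owner check below dereferences `project`,
				# which is null on this path.
				return TokenAccessController._tryHigherAccess(token, userId, req, res, next)
			else if !userId?
				if TokenAccessHandler.ANONYMOUS_READ_AND_WRITE_ENABLED
					logger.log {token, projectId: project._id}, "[TokenAccess] allow anonymous read-and-write token access"
					# Access is recorded on the session only; nothing is persisted
					# for an anonymous user.
					TokenAccessHandler.grantSessionTokenAccess(req, project._id, token)
					req._anonymousAccessToken = token
					return TokenAccessController._loadEditor(project._id, req, res, next)
				else
					logger.log {token, projectId: project._id}, "[TokenAccess] deny anonymous read-and-write token access"
					AuthenticationController._setRedirectInSession(req)
					return res.redirect('/restricted')
			# CoffeeScript `==` compiles to strict `===`, so both sides must be strings.
			if project.owner_ref.toString() == userId
				logger.log {userId, projectId: project._id}, "[TokenAccess] user is already project owner"
				return TokenAccessController._loadEditor(project._id, req, res, next)
			logger.log {userId, projectId: project._id}, "[TokenAccess] adding user to project with readAndWrite token"
			TokenAccessHandler.addReadAndWriteUserToProject userId, project._id, (err) ->
				if err?
					logger.err {err, token, userId, projectId: project._id}, "[TokenAccess] error adding user to project with readAndWrite token"
					return next(err)
				return TokenAccessController._loadEditor(project._id, req, res, next)

	# GET handler for a read-only token (`req.params.read_only_token`).
	#
	# Same shape as readAndWriteToken, except that anonymous users are always
	# granted session-scoped read-only access (no feature flag) and logged-in
	# non-owners are added as read-only collaborators.
	readOnlyToken: (req, res, next) ->
		userId = AuthenticationController.getLoggedInUserId(req)
		token = req.params['read_only_token']
		logger.log {userId, token}, "[TokenAccess] requesting read-only token access"
		TokenAccessHandler.findProjectWithReadOnlyToken token, (err, project) ->
			if err?
				logger.err {err, token, userId}, "[TokenAccess] error getting project by readOnly token"
				return next(err)
			if !project?
				logger.log {token, userId}, "[TokenAccess] no project found for readOnly token"
				if !userId?
					logger.log {token}, "[TokenAccess] No project found with readOnly token, anonymous user, deny"
					return next(new Errors.NotFoundError())
				# Must return here: the code after this chain dereferences
				# `project`, which is null on this path.
				return TokenAccessController._tryHigherAccess(token, userId, req, res, next)
			else if !userId?
				logger.log {userId, projectId: project._id}, "[TokenAccess] adding anonymous user to project with readOnly token"
				# Session-scoped grant only; nothing is persisted for an anonymous user.
				TokenAccessHandler.grantSessionTokenAccess(req, project._id, token)
				req._anonymousAccessToken = token
				return TokenAccessController._loadEditor(project._id, req, res, next)
			else if project.owner_ref.toString() == userId
				logger.log {userId, projectId: project._id}, "[TokenAccess] user is already project owner"
				return TokenAccessController._loadEditor(project._id, req, res, next)
			logger.log {userId, projectId: project._id}, "[TokenAccess] adding user to project with readOnly token"
			TokenAccessHandler.addReadOnlyUserToProject userId, project._id, (err) ->
				if err?
					# Log message previously said "readAndWrite token" (copy-paste); this
					# path handles the read-only token.
					logger.err {err, token, userId, projectId: project._id}, "[TokenAccess] error adding user to project with readOnly token"
					return next(err)
				return TokenAccessController._loadEditor(project._id, req, res, next)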