class UsersController < ApplicationController
  before_filter :signed_in_user,
                only: [:index, :edit, :update, :destroy]
  before_filter :correct_user,   only: [:edit, :update]
  before_filter :admin_user,     only: :destroy

  rescue_from 'JamRuby::PermissionError' do |exception|
    @exception = exception
    render :file => 'public/403.html', :status => 403, :layout => false
  end
  
  def index
    @users = User.paginate(page: params[:page])
  end

  def show
    @user = User.find(params[:id])
  end

  def new
    @invited_user = load_invited_user(params)

    if !@invited_user.nil? && @invited_user.accepted
      # short-circuit out if this invitation is already accepted
      render "already_signed_up"
      return
    end
    @signup_postback = load_postback(@invited_user)
    load_location(request.remote_ip)

    @user = User.new

    # preseed the form with the invited email as a convenience to the user
    unless @invited_user.nil?
      @user.email = @invited_user.email
    end
  end

  def create

    @invited_user = load_invited_user(params)
    @signup_postback = load_postback(@invited_user)

    @user = User.new

    # check recaptcha; if any errors seen, contribute it to the model
    unless verify_recaptcha(:model => @user, :message => "recaptcha")
      render 'new'
      return
    end

    instruments = fixup_instruments(params[:jam_ruby_user][:instruments])

    birth_date = fixup_birthday(params[:jam_ruby_user]["birth_date(2i)"], params[:jam_ruby_user]["birth_date(3i)"], params[:jam_ruby_user]["birth_date(1i)"])
    location = { :country =>  params[:jam_ruby_user][:country], :state =>  params[:jam_ruby_user][:state], :city =>  params[:jam_ruby_user][:city]}
    terms_of_service = params[:jam_ruby_user][:terms_of_service].nil? ? false : true
    subscribe_email = params[:jam_ruby_user][:subscribe_email].nil? ? false : true


    @user = UserManager.new.signup(request.remote_ip,
                                    params[:jam_ruby_user][:first_name],
                                    params[:jam_ruby_user][:last_name],
                                    params[:jam_ruby_user][:email],
                                    params[:jam_ruby_user][:password],
                                    params[:jam_ruby_user][:password_confirmation],
                                    terms_of_service,
                                    subscribe_email,
                                    instruments,
                                    birth_date,
                                    location,
                                    nil, # we don't accept photo url on the signup form yet
                                    @invited_user,
                                    ApplicationHelper.base_uri(request) + "/confirm")

    # check for errors
    if @user.errors.any?
      # render any @user.errors on error
      load_location(request.remote_ip, location)
      render 'new' 
    else
      if @user.email_confirmed
        # If the user came here as a result of an invite, then they are trusted,
        # and we know that their email must be valid because that's how they got the invite
        # and log them in immediately
        sign_in @user
        redirect_to :client
      else
        # If this is a normal signup, then the user needs to verify email
        # if success, redirect to 'email_sent' page
        flash[:success] = "Please check your email and confirm your signup"
        redirect_to :email_sent
      end
    end
  end

  def email_sent

  end

  def signup_confirm
    signup_token = params[:signup_token]

    @user = UserManager.new.signup_confirm(signup_token, request.remote_ip)

    if !@user.nil? && !@user.errors.any?
      sign_in @user
      redirect_to :client
    elsif !@user.nil?
      # new user with validation errors;
      logger.debug("#{@user} has errors. can not sign in until remedied.  #{@user.errors.inspect}")

    end
    # let page have signup_token in javascript
    gon.signup_token = signup_token

    # let errors fall through to signup_confirm.html.erb
  end

  def edit
  end

  def update
    if @user.update_attributes(params[:jam_ruby_user])
      flash[:success] = "Profile updated"
      sign_in @user
      redirect_to @user
    else
      render 'edit'
    end
  end

  def destroy
    User.find(params[:id]).destroy
    flash[:success] = "User destroyed."
    redirect_to users_url
  end

  def request_reset_password
    render 'request_reset_password'
  end
  
  def reset_password
    begin
      @user = User.reset_password(params[:jam_ruby_user][:email])        
      render 'sent_reset_password'
    rescue JamRuby::JamArgumentError
      @reset_password_error = "Email address not found"
      render 'request_reset_password'
    end
  end
  
  def reset_password_token
    render 'reset_password_token'
  end
  
  def reset_password_complete
    begin
      User.set_password_from_token(params[:jam_ruby_user][:email], params[:jam_ruby_user][:token], 
        params[:jam_ruby_user][:password], params[:jam_ruby_user][:password_confirmation])
    rescue
      params[:email] = params[:jam_ruby_user][:email]
      params[:token] = params[:jam_ruby_user][:token]
      render 'reset_password_token'
    end
  end

  private

  def correct_user
    @user = User.find(params[:id])
    redirect_to(root_url) unless current_user?(@user)
  end

  def admin_user
    redirect_to(root_url) unless current_user.admin?
  end

  # the User Model expects instruments in a different format than the form submits it
  # so we have to fix it up.
  def fixup_instruments(original_instruments)
    # if an instrument is selected by the user in the form, it'll show up in this array
    instruments = []

    # ok, sweep through all the fields submitted, looking for selected instruments.
    # also, make up priority because we don't ask for it (but users can fix it later on their profile)
    priority = 0
    original_instruments.each do |key, value|
      logger.debug("key #{key}  value:#{value}")
      if !value["selected"].nil?
        instruments << { :instrument_id => key, :proficiency_level => value["proficiency"].to_i, :priority => priority }
        priority = priority + 1
      end
    end

    return instruments
  end

  # the User Model expects instruments in a different format than the form submits it
  # so we have to fix it up.
  def fixup_birthday(month, day, year)
    if month.blank? || day.blank? || year.blank?
      # invalid birthdate, so return nil
      return nil
    end

    return Date.new(year.to_i, month.to_i, day.to_i)
  end

  def load_invited_user(params)
    # check if this an anonymous request, or result of invitation code
    invitation_code = params[:invitation_code]

    invited_user = nil
    unless invitation_code.nil?
      # we only want to find invitations that have not been accepted
      invited_user = InvitedUser.find_by_invitation_code(invitation_code)
    end
    return invited_user
  end

  def load_location(remote_ip, location = nil)
    @location = location

    if @location.nil?
      @location = MaxMindManager.lookup(remote_ip)
    end

    @location[:country] = "United States" if @location[:country].nil?

    # right now we only accept US signups for beta
    @countries = MaxMindManager.countries()
    # populate regions based on current country
    @regions = MaxMindManager.regions(@location[:country])
    @cities = @location[:state].nil? ? [] : MaxMindManager.cities(@location[:country], @location[:state])
  end

  def load_postback(invited_user)
    if invited_user.nil?
      signup_path
    else
      signup_path + "?invitation_code=" + invited_user.invitation_code
    end
  end
end