<?php

declare(strict_types=1);

namespace OCA\F7Push\Controller;

use OCA\F7Push\Model\PushMessage;
use OCA\F7Push\Service\ConfigService;
use OCA\F7Push\Service\PushDispatcher;
use OCP\AppFramework\Http;
use OCP\AppFramework\Http\Attribute\NoAdminRequired;
use OCP\AppFramework\Http\Attribute\NoCSRFRequired;
use OCP\AppFramework\Http\DataResponse;
use OCP\AppFramework\OCSController;
use OCP\IRequest;
use OCP\IUserSession;

class PushApiController extends OCSController {
	public function __construct(
		string $appName,
		IRequest $request,
		private ConfigService $config,
		private PushDispatcher $pushDispatcher,
		private IUserSession $userSession,
	) {
		parent::__construct($appName, $request);
	}

	/**
	 * Server-to-server push (f7support and other F7cloud apps).
	 * Header: X-F7-Push-Secret
	 *
	 * JSON: { "userId", "title", "body", "url?", "source?", "priority?" }
	 */
	#[NoCSRFRequired]
	public function send(): DataResponse {
		if (!$this->authorizeSecret()) {
			return new DataResponse(['error' => 'forbidden'], Http::STATUS_FORBIDDEN);
		}

		$params = $this->request->getParams();
		$userId = trim((string)($params['userId'] ?? ''));
		$title = trim((string)($params['title'] ?? ''));
		$body = trim((string)($params['body'] ?? ''));
		if ($userId === '' || $title === '') {
			return new DataResponse(['error' => 'userId and title required'], Http::STATUS_BAD_REQUEST);
		}

		$sent = $this->pushDispatcher->dispatch(new PushMessage(
			userId: $userId,
			title: $title,
			body: $body,
			source: trim((string)($params['source'] ?? 'api')),
			priority: trim((string)($params['priority'] ?? 'normal')),
			url: isset($params['url']) ? trim((string)$params['url']) : null,
		));

		return new DataResponse(['success' => true, 'sent' => $sent]);
	}

	/**
	 * Send test push to devices of the current user (admin or self).
	 */
	#[NoAdminRequired]
	#[NoCSRFRequired]
	public function test(): DataResponse {
		$user = $this->userSession->getUser();
		if ($user === null) {
			return new DataResponse(['error' => 'unauthorized'], Http::STATUS_UNAUTHORIZED);
		}

		$sent = $this->pushDispatcher->dispatch(new PushMessage(
			userId: $user->getUID(),
			title: 'F7 Push',
			body: 'Test notification from F7cloud',
			source: 'f7push',
			priority: 'normal',
			url: $this->config->getDefaultClickUrl(),
		));

		return new DataResponse(['success' => true, 'sent' => $sent]);
	}

	private function authorizeSecret(): bool {
		$header = $this->request->getHeader('X-F7-Push-Secret');
		if ($header === '') {
			$header = (string)$this->request->getParam('secret', '');
		}
		return $this->config->verifyApiSecret($header);
	}
}