<?php
/**
 * Class PermissionSeeder
 * Inserts permissions
 *
 * @copyright  2020 Podlibre
 * @license    https://www.gnu.org/licenses/agpl-3.0.en.html AGPL3
 * @link       https://castopod.org/
 */

namespace App\Database\Seeds;

use CodeIgniter\Database\Seeder;

class AuthSeeder extends Seeder
{
    public function run()
    {
        helper('auth');

        $groups = [['id' => 1, 'name' => 'superadmin', 'description' => '']];

        /** Build permissions array as a list of:
         *
         * ```
         * context => [
         *      [action, description],
         *      [action, description],
         *      ...
         * ]
         * ```
         */
        $permissions = [
            'users' => [
                ['name' => 'create', 'description' => 'Create a user'],
                ['name' => 'list', 'description' => 'List all users'],
                [
                    'name' => 'manage_authorizations',
                    'description' =>
                        'Add or remove roles/permissions to a user',
                ],
                [
                    'name' => 'manage_bans',
                    'description' => 'Ban / unban a user',
                ],
                [
                    'name' => 'force_pass_reset',
                    'description' =>
                        'Force a user to update his password upon next login',
                ],
                [
                    'name' => 'delete',
                    'description' =>
                        'Delete user without removing him from database',
                ],
                [
                    'name' => 'delete_permanently',
                    'description' =>
                        'Delete all occurrences of a user from the database',
                ],
            ],
            'podcasts' => [
                ['name' => 'create', 'description' => 'Add a new podcast'],
                [
                    'name' => 'list',
                    'description' => 'List all podcasts and their episodes',
                ],
                ['name' => 'view', 'description' => 'View any podcast'],
                ['name' => 'edit', 'description' => 'Edit any podcast'],
                [
                    'name' => 'manage_contributors',
                    'description' => 'Add / remove contributors to a podcast',
                ],
                [
                    'name' => 'manage_publication',
                    'description' => 'Publish / unpublish a podcast',
                ],
                [
                    'name' => 'delete',
                    'description' =>
                        'Delete a podcast without removing it from database',
                ],
                [
                    'name' => 'delete_permanently',
                    'description' => 'Delete any podcast from the database',
                ],
            ],
            'episodes' => [
                [
                    'name' => 'list',
                    'description' => 'List all episodes of any podcast',
                ],
                [
                    'name' => 'create',
                    'description' => 'Add a new episode to any podcast',
                ],
                ['name' => 'edit', 'description' => 'Edit any podcast episode'],
                [
                    'name' => 'manage_publications',
                    'description' => 'Publish / unpublish any podcast episode',
                ],
                [
                    'name' => 'delete',
                    'description' =>
                        'Delete any podcast episode without removing it from database',
                ],
                [
                    'name' => 'delete_permanently',
                    'description' => 'Delete any podcast episode from database',
                ],
            ],
        ];

        // Map permissions to a format the `auth_permissions` table expects
        $data_permissions = [];
        $data_groups_permissions = [];
        $permission_id = 0;
        foreach ($permissions as $context => $actions) {
            foreach ($actions as $action) {
                array_push($data_permissions, [
                    'id' => ++$permission_id,
                    'name' => get_permission($context, $action['name']),
                    'description' => $action['description'],
                ]);

                // add all permissions to superadmin
                array_push($data_groups_permissions, [
                    'group_id' => 1,
                    'permission_id' => $permission_id,
                ]);
            }
        }

        $this->db->table('auth_permissions')->insertBatch($data_permissions);
        $this->db->table('auth_groups')->insertBatch($groups);
        $this->db
            ->table('auth_groups_permissions')
            ->insertBatch($data_groups_permissions);

        // TODO: Remove superadmin user as it is used for testing purposes
        $this->db->table('users')->insert([
            'id' => 1,
            'username' => 'admin',
            'email' => 'admin@castopod.com',
            'password_hash' =>
                // password: AGUehL3P
                '$2y$10$TXJEHX/djW8jtzgpDVf7dOOCGo5rv1uqtAYWdwwwkttQcDkAeB2.6',
            'active' => 1,
        ]);
        $this->db
            ->table('auth_groups_users')
            ->insert(['group_id' => 1, 'user_id' => 1]);
    }
}