<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

class Agents extends MY_Controller {
	
	function __construct()
	{
		parent::__construct();
		
		$this->check_login();
	}
	
	function index(){}
	
	function view($agent_id = NULL)
	{
		$agent = User::find_by_id($agent_id);
		
		/* There are 3 reasons why the Agent might not be found from the ID provided:
		 * 1. No agent exists that corresponds to the ID provided
		 * 2. The agent that corresponds to the given ID was deleted (in which case that Agent will not exist)
		 * 3. The ID provided was invalid, such as if a string was passed or if no ID was provided (in which case it would be NULL)
		 * To best handle this, set an error message and redirect to home page
		 */
		if(!$agent)
		{
			$this->session->set_flashdata('cryptbox_message', $this->generate_cryptbox_message('error', 'We could not find an agent with this ID.'));
			redirect();
		}
			
		$this->view_data['agent'] = $agent;
		$this->view_data['dealerships'] = Dealership::find_all_by_user_id($agent->id);
		
		
		if($agent_id === NULL)
		{
			redirect();
		}
		
		//CHECK FOR PERMISSIONS
		$allow_permission = FALSE;
	
		//If allowed to see all agents, grant permission.
		if($this->LOGGED_IN_USER->group->view_all_agents)
		{
			$allow_permission = TRUE;
		}
		
		//If only allowed to see agents within agency, AND this agent is part of his own agency, allow access
		if($this->LOGGED_IN_USER->group->view_agents_within_agency)
		{
			$agent = User::find_by_id($agent_id); //we need to find out what the agency ID of this agent is.
			if($agent->agency_id == $this->LOGGED_IN_USER->agency_id)
			{
				$allow_permission = TRUE;
			}
		}
		
		//If this agent is himself, allow access
		if($this->LOGGED_IN_USER->group->view_own_agent)
		{
			$allow_permission = TRUE;
		}

		// At this point, if the user doesn't have permission, don't allow him to be here.
		if(! $allow_permission)
		{
			$this->session->set_flashdata('cryptbox_message', CRYPTBOX_MESSAGE_PERM_DENIED);
			redirect();
		}
	
		//Determine what tab to display in the output page based on HTTP GET. If none is set in HTTP GET, default to index.
		$tab = isset($_GET['tab']) ? $_GET['tab'] : '';
		switch($tab)
		{
			case 'dealerships':
				$this->view_data['tab'] = "dealerships";
				break;
			case 'edit':
				$this->view_data['tab'] = "edit";
				
				if($_POST)
				{
					if(filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) &&
						strlen($_POST['first_name']) > 0 &&
						strlen($_POST['last_name']) > 0 &&
						strlen($_POST['address_street']) > 0 &&
						strlen($_POST['address_city']) > 0 &&
						strlen($_POST['address_zip']) > 0 &&
						strlen($_POST['phone']) > 0
					){
						$agent = User::find_by_id($agent_id);
						$agent->email = $_POST['email'];
						$agent->first_name = $_POST['first_name'];
						$agent->last_name = $_POST['last_name'];
						$agent->address_street = $_POST['address_street'];
						$agent->address_city = $_POST['address_city'];
						$agent->address_state = $_POST['address_state'];
						$agent->address_zip = $_POST['address_zip'];
						$agent->phone = $_POST['phone'];
						$agent->save();
						
						$this->session->set_flashdata('cryptbox_message', CRYPTBOX_MESSAGE_FORM_SUCCESS);
						redirect('agents/view/' . $agent_id);
					}
				}
				
				break;
			case 'change_password':
				$this->view_data['tab'] = "change_password";
				
				if($_POST) //Form was submitted for password change.
				{
				
					//New password must be same as old one, and new password must be valid
					if($this->validate_password($this->LOGGED_IN_USER->password, $_POST['old_password']) &&
						preg_match('/^.*(?=.{8,})(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).*$/', $_POST['new_password']) &&
						$_POST['new_password'] == $_POST['new_password_confirmation']
					){
						$user = User::find_by_id($this->LOGGED_IN_USER->id);
						$user->password = $this->encrypt_password($_POST['new_password']);
						$user->save();
						
						$this->session->set_flashdata('cryptbox_message', CRYPTBOX_MESSAGE_FORM_SUCCESS);
						redirect('users/my_profile');
					}
					else if($this->validate_password($this->LOGGED_IN_USER->password, $_POST['old_password'])){ //if the password is invalid, create a variable to sent to the view to display this error
						$this->view_data['old_password_invalid'] = TRUE;
					}
				}
				
				break;
			case 'delete':
				$this->view_data['tab'] = "delete";
				
				$agent = User::find_by_id($agent_id);
				if(isset($_POST['confirm'])) //confirm deletion
				{
					//first we need to get all dealerships to delete them
					$dealerships = Dealership::find_all_by_user_id($agent->id);
					foreach($dealerships as $dealership)
					{
						//now we need to get all locations to delete them
						$locations = Location::find_all_by_dealership_id($dealership->id);
						foreach($locations as $location)
						{
							$location->delete();
						}
						$dealership->delete();
					}
					$agent->delete();
					
					if($this->LOGGED_IN_USER->id == $agent->id) //If user is deleting his own account, log him out
						redirect('users/logout');
					
					$this->session->set_flashdata('cryptbox_message', CRYPTBOX_MESSAGE_FORM_SUCCESS);
					redirect();
				}
				
				if(isset($_POST['cancel'])) //Cancel deletion
				{
					redirect('agents/view/' . $agent_id);
				}
				
				break;
			default:
				$this->view_data['tab'] = "index";
				break;
		}
		
		
	}
	
}