<?php
class User extends MY_Controller
{
    var $db;
    public function index()
    {
        echo "User API";
    }

    public function __construct()
    {
        parent::__construct();
        // $this->db = $this->load->database("default", true);
        $this->db->query("use one_dash");
    }

    function corss()
    {
        global $_SERVER;
        if (isset($_SERVER["HTTP_ORIGIN"])) {
            header("Access-Control-Allow-Origin: " . $_SERVER["HTTP_ORIGIN"]);
        } else {
            header("Access-Control-Allow-Origin: */*");
        }
        header("Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS");
        header(
            "Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization"
        );
        if (
            isset($_SERVER["REQUEST_METHOD"]) &&
            $_SERVER["REQUEST_METHOD"] == "OPTIONS"
        ) {
            http_response_code(200);
            echo json_encode("OK");
            exit();
        }
    }

    // delete user
    public function delete_user()
    {
        $this->corss();
        try {
            // PAKE POST DARI FLUTTER
            $param = $this->sys_input;
            $user_id = $param['user_id'];

            if ($user_id == "0") {
                $this->sys_error("User ID are mandatory");
            }

            $sql_delete_user = "UPDATE one_dash.m_user 
            SET M_UserIsActive = 'N'
            WHERE M_UserID = $user_id";

            $qry_delete_user = $this->db->query($sql_delete_user);
            if (!$qry_delete_user) {
                $this->db->trans_rollback();
                $error = array(
                    "message" => $this->db->error()["message"],
                    "sql" => $this->db->last_query()
                );
                $this->sys_error_db($error);
                exit;
            }

            // delete permission
            $sql_delete_permission = "UPDATE one_dash.m_user_permission 
            SET M_UserPermissionIsActive = 'N'
            WHERE M_UserPermissionM_UserID = $user_id";

            $qry_delete_permission = $this->db->query($sql_delete_permission);
            if (!$qry_delete_permission) {
                $this->db->trans_rollback();
                $error = array(
                    "message" => $this->db->error()["message"],
                    "sql" => $this->db->last_query()
                );
                $this->sys_error_db($error);
                exit;
            }

            $this->sys_ok("Success");
        } catch (Exception  $exc) {
            $message = $exc->getMessage();
            $this->sys_error($message);
        }
    }

    // add user
    public function add_user()
    {
        $this->corss();
        try {
            // PAKE POST DARI FLUTTER

            // Full Name :
            // Username :
            // Password :
            // Re-Type Password:

            $param = $this->sys_input;

            $fullname = "";
            $username = "";
            $password = "";
            $re_type_password = "";

            if (isset($param['fullname'])) {
                $fullname = $param['fullname'];
            }

            if (isset($param['username'])) {
                $username = $param['username'];
            }

            if (isset($param['password'])) {
                $password = $param['password'];
            }

            if (isset($param['re_type_password'])) {
                $re_type_password = $param['re_type_password'];
            }

            if (isset($param['password']) && isset($param['re_type_password'])) {
                if ($param['password'] !== $param['re_type_password']) {
                    $this->sys_error("Password dan re type tidak sama");
                }
            }

            if ($username == "" || $fullname == "" || $password == "" || $re_type_password == "") {
                $this->sys_error("username, fullname, password, re-type password are mandatory");
            }

            $new_password_salt = md5($this->one_salt . $param['password'] . $this->one_salt);

            // check data
            $sql_cek = "SELECT M_UserUsername
            FROM m_user
            join m_user_permission
            ON M_UserID = M_UserPermissionM_UserID
            AND M_UserIsActive = 'Y'
            AND M_UserPermissionIsActive = 'Y'
            AND M_UserUsername = '$username'";

            $qry_cek = $this->db->query($sql_cek);
            if (!$qry_cek) {
                $this->db->trans_rollback();
                $error = array(
                    "message" => $this->db->error()["message"],
                    "sql" => $this->db->last_query()
                );
                $this->sys_error_db($error);
                exit;
            }

            $rows_cek = $qry_cek->result_array();
            if (count($rows_cek) > 0) {
                $this->sys_error("username sudah ada");
            } else {
                $sql_insert = "INSERT one_dash.m_user
                (
                    M_UserFullName,
                    M_UserUsername,
                    M_UserPassword
                )
                VALUES ('$fullname', '$username', '$new_password_salt')";

                $qry_insert = $this->db->query($sql_insert);
                if (!$qry_insert) {
                    $this->db->trans_rollback();
                    $error = array(
                        "message" => $this->db->error()["message"],
                        "sql" => $this->db->last_query()
                    );
                    $this->sys_error_db($error);
                    exit;
                }

                $default_regional = '[{"S_RegionalID":"1","S_RegionalName":"Bandung Raya","isActive":"true"}]';
                $last_id = $this->db->insert_id();

                // $last_id = 1;

                $sql_insert_permission = "INSERT INTO one_dash.m_user_permission 
                (M_UserPermissionIsNasional,
                M_UserPermissionM_UserID,
                M_UserPermissionRegionalJSON,
                M_UserPermissionM_MenuID)
                VALUES(
                    'N',
                    $last_id,
                    '$default_regional',
                    2
                )";

                // echo $sql_insert_permission;

                $qry_insert_permission = $this->db->query($sql_insert_permission);
                if (!$qry_insert_permission) {
                    $this->db->trans_rollback();
                    $error = array(
                        "message" => $this->db->error()["message"],
                        "sql" => $this->db->last_query()
                    );
                    $this->sys_error_db($error);
                    exit;
                }

                // tambah m_user_permission
                // M_UserPermissionIsNasional = 'N'
                // M_UserPermissionM_UserID = 21
                // M_UserPermissionM_MenuID = 2
                // M_UserPermissionRegionalJSON = [{"S_RegionalID":"1","S_RegionalName":"Bandung Raya","isActive":"true"}]

                $this->sys_ok("Success");
            }
        } catch (Exception  $exc) {
            $message = $exc->getMessage();
            $this->sys_error($message);
        }
    }
}