<?php
/**
 * (c) Copyright Ascensio System SIA 2025.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
require_once __DIR__.'/../../main/inc/global.inc.php';

use ChamiloSession as Session;
use Onlyoffice\DocsIntegrationSdk\Models\Callback as OnlyofficeCallback;
use Onlyoffice\DocsIntegrationSdk\Models\CallbackDocStatus;

$plugin = OnlyofficePlugin::create();

if (isset($_GET['hash']) && !empty($_GET['hash'])) {
    @header('Content-Type: application/json; charset=utf-8');
    @header('X-Robots-Tag: noindex');
    @header('X-Content-Type-Options: nosniff');

    $appSettings = new OnlyofficeAppsettings($plugin);
    $jwtManager = new OnlyofficeJwtManager($appSettings);
    list($hashData, $error) = $jwtManager->readHash($_GET['hash'], api_get_security_key());
    if (null === $hashData) {
        error_log("ONLYOFFICE CALLBACK: ERROR - Invalid hash: ".$error);
        exit(json_encode(['status' => 'error', 'error' => $error]));
    }

    $type = $hashData->type;
    $courseId = $hashData->courseId;
    $userId = $hashData->userId;
    $docId = $hashData->docId;
    $groupId = $hashData->groupId;
    $sessionId = $hashData->sessionId;
    $docPath = isset($_GET['docPath']) ? urldecode($_GET['docPath']) : ($hashData->docPath ?? null);
    // Load courseCode for various uses from global scope in other functions
    $courseInfo = api_get_course_info_by_id($courseId);
    $courseCode = $courseInfo['code'];

    if (!empty($userId)) {
        $userInfo = api_get_user_info($userId);
    } else {
        exit(json_encode(['error' => 'User not found']));
    }

    if (api_is_anonymous()) {
        $loggedUser = [
            'user_id' => $userInfo['id'],
            'status' => $userInfo['status'],
            'uidReset' => true,
        ];

        Session::write('_user', $loggedUser);
        Login::init_user($loggedUser['user_id'], true);
    } else {
        $userId = api_get_user_id();
    }

    switch ($type) {
        case 'track':
            $callbackResponseArray = track();
            exit(json_encode($callbackResponseArray));
        case 'download':
            $callbackResponseArray = download();
            exit(json_encode($callbackResponseArray));
        case 'empty':
            $callbackResponseArray = emptyFile();
            exit(json_encode($callbackResponseArray));
        default:
            exit(json_encode(['status' => 'error', 'error' => '404 Method not found']));
    }
}

/**
 * Handle request from the document server with the document status information.
 */
function track(): array
{
    global $courseCode;
    global $userId;
    global $docId;
    global $docPath;
    global $groupId;
    global $sessionId;
    global $courseInfo;
    global $appSettings;
    global $jwtManager;

    $body_stream = file_get_contents('php://input');
    if ($body_stream === false) {
        return ['error' => 'Bad Request'];
    }

    $data = json_decode($body_stream, true);

    if (null === $data) {
        return ['error' => 'Bad Response'];
    }

    if ($data['status'] == 4) {
        return ['status' => 'success', 'message' => 'No changes detected'];
    }

    if ($jwtManager->isJwtEnabled()) {
        if (!empty($data['token'])) {
            try {
                $payload = $jwtManager->decode($data['token'], $appSettings->getJwtKey());
            } catch (UnexpectedValueException $e) {
                return ['status' => 'error', 'error' => '403 Access denied'];
            }
        } else {
            $token = substr(getallheaders()[$appSettings->getJwtHeader()], strlen('Bearer '));
            try {
                $decodeToken = $jwtManager->decode($token, $appSettings->getJwtKey());
                $payload = $decodeToken->payload;
            } catch (UnexpectedValueException $e) {
                return ['status' => 'error', 'error' => '403 Access denied'];
            }
        }
    }

    if (!empty($docPath)) {
        $docPath = urldecode($docPath);
        $filePath = api_get_path(SYS_COURSE_PATH).$docPath;

        if (!file_exists($filePath)) {
            return ['status' => 'error', 'error' => 'File not found'];
        }

        $documentKey = basename($docPath);
        if ($data['status'] == 2 || $data['status'] == 3) {
            if (!empty($data['url'])) {
                $newContent = file_get_contents($data['url']);
                if ($newContent === false) {
                    return ['status' => 'error', 'error' => 'Failed to fetch document'];
                }

                if (file_put_contents($filePath, $newContent) === false) {
                    return ['status' => 'error', 'error' => 'Failed to save document'];
                }
            } else {
                return ['status' => 'error', 'error' => 'No file URL provided'];
            }
        }
    } elseif (!empty($docId)) {
        $docInfo = DocumentManager::get_document_data_by_id($docId, $courseCode, false, $sessionId);
        if (!$docInfo || !file_exists($docInfo['absolute_path'])) {
            return ['status' => 'error', 'error' => 'File not found'];
        }

        $documentKey = $docId;
        $data['url'] = $payload->url ?? null;
        $data['status'] = $payload->status;
    } else {
        return ['status' => 'error', 'error' => 'File not found'];
    }

    $docStatus = new CallbackDocStatus($data['status']);
    $callback = new OnlyofficeCallback();
    $callback->setStatus($docStatus);
    $callback->setKey($documentKey);
    $callback->setUrl($data['url']);
    $callbackService = new OnlyofficeCallbackService(
        $appSettings,
        $jwtManager,
        [
            'courseCode' => $courseCode,
            'userId' => $userId,
            'docId' => $docId ?? '',
            'docPath' => $docPath ?? '',
            'groupId' => $groupId,
            'sessionId' => $sessionId,
            'courseInfo' => $courseInfo,
        ]
    );

    $result = $callbackService->processCallback($callback, $documentKey);

    return $result;
}

/**
 * Downloading file by the document service.
 */
function download()
{
    global $plugin;
    global $courseCode;
    global $userId;
    global $docId;
    global $groupId;
    global $docPath;
    global $sessionId;
    global $courseInfo;
    global $appSettings;
    global $jwtManager;

    if ($jwtManager->isJwtEnabled()) {
        $token = substr(getallheaders()[$appSettings->getJwtHeader()], strlen('Bearer '));
        try {
            $payload = $jwtManager->decode($token, $appSettings->getJwtKey());
        } catch (UnexpectedValueException $e) {
            return ['status' => 'error', 'error' => '403 Access denied'];
        }
    }

    if (!empty($docPath)) {
        $filePath = api_get_path(SYS_COURSE_PATH).urldecode($docPath);

        if (!file_exists($filePath)) {
            return ['status' => 'error', 'error' => 'File not found'];
        }

        $docInfo = [
            'title' => basename($filePath),
            'absolute_path' => $filePath,
        ];
    } elseif (!empty($docId) && !empty($courseCode)) {
        $docInfo = DocumentManager::get_document_data_by_id($docId, $courseCode, false, $sessionId);
        if (!$docInfo || !file_exists($docInfo['absolute_path'])) {
            return ['status' => 'error', 'error' => 'File not found'];
        }

        $filePath = $docInfo['absolute_path'];
    } else {
        return ['status' => 'error', 'error' => 'Invalid request'];
    }

    @header('Content-Type: application/octet-stream');
    @header('Content-Disposition: attachment; filename='.$docInfo['title']);

    readfile($filePath);
    exit;
}

/**
 * Downloading empty file by the document service.
 */
function emptyFile()
{
    global $plugin;
    global $type;
    global $courseCode;
    global $userId;
    global $docId;
    global $groupId;
    global $sessionId;
    global $courseInfo;
    global $appSettings;
    global $jwtManager;

    if ($type !== 'empty') {
        $result['status'] = 'error';
        $result['error'] = 'Download empty with other action';

        return $result;
    }

    if ($jwtManager->isJwtEnabled()) {
        $token = substr(getallheaders()[$appSettings->getJwtHeader()], strlen('Bearer '));
        try {
            $payload = $jwtManager->decode($token, $appSettings->getJwtKey());
        } catch (UnexpectedValueException $e) {
            $result['status'] = 'error';
            $result['error'] = '403 Access denied';

            return $result;
        }
    }

    $template = TemplateManager::getEmptyTemplate('docx');

    if (!$template) {
        $result['status'] = 'error';
        $result['error'] = 'File not found';

        return $result;
    }

    @header('Content-Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document');
    @header('Content-Disposition: attachment; filename='.'docx.docx');
    readfile($template);
    exit;
}