<?php
/*
 * Copyright (C) Ascensio System SIA, 2009-2026
 *
 * This program is a free software product. You can redistribute it and/or
 * modify it under the terms of the GNU Affero General Public License (AGPL)
 * version 3 as published by the Free Software Foundation, together with the
 * additional terms provided in the LICENSE file.
 *
 * This program is distributed WITHOUT ANY WARRANTY; without even the implied
 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. For
 * details, see the GNU AGPL at: https://www.gnu.org/licenses/agpl-3.0.html
 *
 * You can contact Ascensio System SIA by email at info@onlyoffice.com
 * or by postal mail at 20A-6 Ernesta Birznieka-Upisha Street, Riga,
 * LV-1050, Latvia, European Union.
 *
 * The interactive user interfaces in modified versions of the Program
 * are required to display Appropriate Legal Notices in accordance with
 * Section 5 of the GNU AGPL version 3.
 *
 * No trademark rights are granted under this License.
 *
 * All non-code elements of the Product, including illustrations,
 * icon sets, and technical writing content, are licensed under the
 * Creative Commons Attribution-ShareAlike 4.0 International License:
 * https://creativecommons.org/licenses/by-sa/4.0/legalcode
 *
 * This license applies only to such non-code elements and does not
 * modify or replace the licensing terms applicable to the Program's
 * source code, which remains licensed under the GNU Affero General
 * Public License v3.
 *
 * SPDX-License-Identifier: AGPL-3.0-only
 */

namespace OCA\Onlyoffice\Controller;

use OCA\DAV\CalDAV\TimezoneService;
use OCA\Onlyoffice\AppConfig;
use OCA\Onlyoffice\Crypt;
use OCA\Onlyoffice\DocumentService;
use OCA\Onlyoffice\EmailManager;
use OCA\Onlyoffice\ExtraPermissions;
use OCA\Onlyoffice\FileUtility;
use OCA\Onlyoffice\TemplateManager;
use OCP\AppFramework\Http\JSONResponse;
use OCP\AppFramework\Http\Attribute\NoAdminRequired;
use OCP\AppFramework\Http\Attribute\PublicPage;
use OCP\AppFramework\OCSController;
use OCP\Constants;
use OCP\Files\File;
use OCP\Files\Folder;
use OCP\Files\IRootFolder;
use OCP\Files\Lock\ILock;
use OCP\Files\Lock\ILockManager;
use OCP\Files\Lock\NoLockProviderException;
use OCP\IAvatarManager;
use OCP\IL10N;
use OCP\IRequest;
use OCP\ITagManager;
use OCP\ITags;
use OCP\IURLGenerator;
use OCP\IUser;
use OCP\IUserManager;
use OCP\IUserSession;
use OCP\PreConditionNotMetException;
use OCP\Server;
use OCP\Share\IShare;
use OCP\SystemTag\ISystemTagObjectMapper;
use Psr\Log\LoggerInterface;

/**
 * Controller with the main functions
 */
class EditorApiController extends OCSController {

    /**
     * Mobile regex from https://github.com/ONLYOFFICE/CommunityServer/blob/v9.1.1/web/studio/ASC.Web.Studio/web.appsettings.config#L35
     */
    public const USER_AGENT_MOBILE = "/android|avantgo|playbook|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od|ad)|iris|kindle|lge |maemo|midp|mmp|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)\\/|plucker|pocket|psp|symbian|treo|up\\.(browser|link)|vodafone|wap|windows (ce|phone)|xda|xiino/i";

    public function __construct(
        string $appName,
        IRequest $request,
        private readonly IRootFolder $root,
        private readonly IUserSession $userSession,
        private readonly IUserManager $userManager,
        private readonly IURLGenerator $urlGenerator,
        private readonly IL10N $trans,
        private readonly LoggerInterface $logger,
        private readonly AppConfig $appConfig,
        private readonly Crypt $crypt,
        private readonly ITagManager $tagManager,
        private readonly ILockManager $lockManager,
        private readonly TimezoneService $timezoneService,
        private readonly FileUtility $fileUtility,
        private readonly IAvatarManager $avatarManager,
        private readonly ExtraPermissions $extraPermissions,
        private readonly EmailManager $emailManager,
    ) {
        parent::__construct($appName, $request);
    }

    /**
     * Collecting the file parameters for the document service
     *
     * @param integer $fileId - file identifier
     * @param string $filePath - file path
     * @param string $shareToken - access token
     * @param string $directToken - direct token
     * @param bool $inframe - open in frame
     * @param bool $inviewer - open in viewer
     * @param bool $desktop - desktop label
     * @param string $guestName - nickname not logged user
     * @param bool $template - file is template
     * @param string $anchor - anchor for file content
     *
     * @return JSONResponse
     */
    #[NoAdminRequired]
    #[PublicPage]
    public function config(
        int $fileId,
        ?string $filePath = null,
        ?string $shareToken = null,
        ?string $directToken = null,
        bool $inframe = false,
        bool $inviewer = false,
        bool $desktop = false,
        ?string $guestName = null,
        bool $template = false,
        ?string $anchor = null
    ): JSONResponse {

        if (!empty($directToken)) {
            [$directData, $error] = $this->crypt->readHash($directToken);
            if ($directData === null) {
                $this->logger->error("Config for directEditor with empty or not correct hash: $error");
                return new JSONResponse(["error" => $this->trans->t("Not permitted")]);
            }
            if ($directData->action !== "direct") {
                $this->logger->error("Config for directEditor with other data");
                return new JSONResponse(["error" => $this->trans->t("Invalid request")]);
            }

            $fileId = $directData->fileId;
            $userId = $directData->userId;
            if ($this->userSession->isLoggedIn()
                && $userId === $this->userSession->getUser()->getUID()) {
                $redirectUrl = $this->urlGenerator->linkToRouteAbsolute(
                    $this->appName . ".editor.index",
                    [
                        "fileId" => $fileId,
                        "filePath" => $filePath
                    ]
                );
                return new JSONResponse(["redirectUrl" => $redirectUrl]);
            }

            $user = $this->userManager->get($userId);
            if (method_exists($this->userSession, 'setVolatileActiveUser')) {
                $this->userSession->setVolatileActiveUser($user);
            }
        } else {
            $user = $this->userSession->getUser();
            $userId = null;
            if (!empty($user)) {
                $userId = $user->getUID();
            }
        }

        [$file, $error, $share] = empty($shareToken) ? $this->getFile($userId, $fileId, $filePath, $template) : $this->fileUtility->getFileByToken($fileId, $shareToken);

        if (isset($error)) {
            $this->logger->error("Config: $fileId $error");
            return new JSONResponse(["error" => $error]);
        }

        if ($this->appConfig->getRestrictExternalStorage() && $this->isExternalStorage($file)) {
            return new JSONResponse(["error" => $this->trans->t("Opening files with ONLYOFFICE from external storages is restricted. Please contact the admin.")]);
        }

        $checkUserAllowGroups = $userId;
        if (!empty($share)) {
            $checkUserAllowGroups = $share->getSharedBy();
        }
        if (!$this->appConfig->isUserAllowedToUse($checkUserAllowGroups)) {
            return new JSONResponse(["error" => $this->trans->t("Not permitted")]);
        }

        $fileName = $file->getName();
        $ext = strtolower(pathinfo((string) $fileName, PATHINFO_EXTENSION));
        $format = !empty($ext) && array_key_exists($ext, $this->appConfig->formatsSetting()) ? $this->appConfig->formatsSetting()[$ext] : null;
        if (!isset($format)) {
            $this->logger->info("Format is not supported for editing: $fileName");
            return new JSONResponse(["error" => $this->trans->t("Format is not supported")]);
        }

        $fileUrl = $this->getUrl($file, $user, $shareToken, false, $template);

        $key = $this->fileUtility->getKey($file, true);
        $key = DocumentService::generateRevisionId($key);

        $params = [
            "document" => [
                "fileType" => $ext,
                "key" => $key,
                "permissions" => [],
                "title" => $fileName,
                "url" => $fileUrl,
                "referenceData" => [
                    "fileKey" => (string)$file->getId(),
                    "instanceId" => $this->appConfig->getSystemValue("instanceid", true),
                ],
            ],
            "documentType" => $format["type"],
            "editorConfig" => [
                "lang" => str_replace("_", "-", $this->trans->getLanguageCode()),
                "region" => str_replace("_", "-", $this->trans->getLocaleCode())
            ]
        ];

        $permissions_modifyFilter = $this->appConfig->getSystemValue($this->appConfig->_permissions_modifyFilter);
        if (isset($permissions_modifyFilter)) {
            $params["document"]["permissions"]["modifyFilter"] = $permissions_modifyFilter;
        }

        $canDownload = true;
        $restrictedEditing = false;
        $fileStorage = $file->getStorage();
        if ($fileStorage->instanceOfStorage(\OCA\Files_Sharing\SharedStorage::class) || !empty($shareToken)) {
            $shareId = empty($share) ? $fileStorage->getShareId() : $share->getId();
            $extraPermissions = null;
            if ($this->appConfig->getAdvanced()) {
                $extraPermissions = $this->extraPermissions->getExtra($shareId);
            }

            if (!empty($extraPermissions)) {
                if (isset($format["review"]) && $format["review"]) {
                    $reviewPermission = ($extraPermissions["permissions"] & ExtraPermissions::REVIEW) === ExtraPermissions::REVIEW;
                    if ($reviewPermission) {
                        $restrictedEditing = true;
                        $params["document"]["permissions"]["review"] = true;
                    }
                }

                if (isset($format["comment"]) && $format["comment"]) {
                    $commentPermission = ($extraPermissions["permissions"] & ExtraPermissions::COMMENT) === ExtraPermissions::COMMENT;
                    if ($commentPermission) {
                        $restrictedEditing = true;
                        $params["document"]["permissions"]["comment"] = true;
                    }
                }

                if (isset($format["fillForms"]) && $format["fillForms"]) {
                    $fillFormsPermission = ($extraPermissions["permissions"] & ExtraPermissions::FILLFORMS) === ExtraPermissions::FILLFORMS;
                    if ($fillFormsPermission) {
                        $restrictedEditing = true;
                        $params["document"]["permissions"]["fillForms"] = true;
                    }
                }

                if (isset($format["modifyFilter"]) && $format["modifyFilter"]) {
                    $modifyFilter = ($extraPermissions["permissions"] & ExtraPermissions::MODIFYFILTER) === ExtraPermissions::MODIFYFILTER;
                    $params["document"]["permissions"]["modifyFilter"] = $modifyFilter;
                }
            }

            if (method_exists(IShare::class, "getAttributes")) {
                $share = empty($share) ? $fileStorage->getShare() : $share;
                $canDownload = FileUtility::canShareDownload($share);
            }
        }

        $isTempLock = false;
        if ($this->lockManager->isLockProviderAvailable()) {
            try {
                $locks = $this->lockManager->getLocks($file->getId());
                $lock = empty($locks) ? null : $locks[0];

                if ($lock !== null) {
                    $lockType = $lock->getType();
                    $lockOwner = $lock->getOwner();
                    if (($lockType === ILock::TYPE_APP) && $lockOwner !== $this->appName
                        || ($lockType === ILock::TYPE_USER || $lockType === ILock::TYPE_TOKEN) && $lockOwner !== $userId) {
                        $isTempLock = true;
                        $this->logger->debug("File " . $file->getId() . " is locked by $lockOwner");
                    }
                }
            } catch (PreConditionNotMetException | NoLockProviderException) {
            }
        }

        $canEdit = isset($format["edit"]) && $format["edit"];
        $canFillForms = isset($format["fillForms"]) && $format["fillForms"];
        $editable = !$template
                    && $file->isUpdateable()
                    && (empty($shareToken) || ($share->getPermissions() & Constants::PERMISSION_UPDATE) === Constants::PERMISSION_UPDATE)
                    && !$restrictedEditing;
        $params["document"]["permissions"]["edit"] = $editable && !$isTempLock;
        if (($editable || $restrictedEditing) && ($canEdit || $canFillForms) && !$isTempLock) {
            $ownerId = null;
            $owner = $file->getOwner();
            if (!empty($owner)) {
                $ownerId = $owner->getUID();
            }

            $canProtect = true;
            if ($this->appConfig->getProtection() === "owner") {
                $canProtect = $ownerId === $userId;
            }
            $params["document"]["permissions"]["protect"] = $canProtect;

            if (isset($shareToken)) {
                $params["document"]["permissions"]["chat"] = false;
                $params["document"]["permissions"]["protect"] = false;
            }

            if ($canFillForms) {
                $params["document"]["permissions"]["fillForms"] = true;
                $params["canEdit"] = $canEdit && $editable;
            }

            $hashCallback = $this->crypt->getHash(["userId" => $userId, "ownerId" => $ownerId, "fileId" => $file->getId(), "filePath" => $filePath, "shareToken" => $shareToken, "action" => "track"]);
            $callback = $this->urlGenerator->linkToRouteAbsolute($this->appName . ".callback.track", ["doc" => $hashCallback]);

            if (!$this->appConfig->useDemo() && !empty($this->appConfig->getStorageUrl())) {
                $callback = str_replace($this->urlGenerator->getAbsoluteURL("/"), $this->appConfig->getStorageUrl(), $callback);
            }

            $params["editorConfig"]["callbackUrl"] = $callback;
        } else {
            $params["editorConfig"]["mode"] = "view";

            if (isset($shareToken) && empty($userId) && !$this->appConfig->getLiveViewOnShare()) {
                $params["editorConfig"]["coEditing"] = [
                    "mode" => "strict",
                    "change" => false
                ];
            }
        }

        if (!$template
            && $file->isUpdateable()
            && (empty($shareToken) || ($share->getPermissions() & Constants::PERMISSION_UPDATE) === Constants::PERMISSION_UPDATE)) {
            $params["document"]["permissions"]["changeHistory"] = true;
        }

        if ($this->request->isUserAgent([$this::USER_AGENT_MOBILE])) {
            $params["type"] = "mobile";
        }

        if (!empty($userId)) {
            $params["editorConfig"]["user"] = [
                "id" => $this->buildUserId($userId),
                "name" => $user->getDisplayName()
            ];
            $avatar = $this->avatarManager->getAvatar($userId);
            if ($avatar->exists() && $avatar->isCustomAvatar()) {
                $userAvatarUrl = $this->urlGenerator->getAbsoluteURL(
                    $this->urlGenerator->linkToRoute("core.avatar.getAvatar", [
                        "userId" => $userId,
                        "size" => 64,
                    ])
                );
                $params["editorConfig"]["user"]["image"] = $userAvatarUrl;
            }
        } elseif (!empty($guestName)) {
            $params["editorConfig"]["user"] = [
                "name" => $guestName
            ];
        }

        $folderLink = null;

        if (!empty($shareToken)) {
            if (method_exists($share, "getHideDownload") && $share->getHideDownload()) {
                $canDownload = false;
            }

            $node = $share->getNode();
            if ($node instanceof Folder) {
                $sharedFolder = $node;
                $folderPath = $sharedFolder->getRelativePath($file->getParent()->getPath());
                if (!empty($folderPath)) {
                    $linkAttr = [
                        "path" => $folderPath,
                        "scrollto" => $file->getName(),
                        "token" => $shareToken
                    ];
                    $folderLink = $this->urlGenerator->linkToRouteAbsolute("files_sharing.sharecontroller.showShare", $linkAttr);
                }
            }
        } elseif (!empty($userId)) {
            $userFolder = $this->root->getUserFolder($userId);
            $folderPath = $userFolder->getRelativePath($file->getParent()->getPath());
            if (!empty($folderPath)) {
                $linkAttr = [
                    "dir" => $folderPath,
                    "scrollto" => $file->getName()
                ];
                $folderLink = $this->urlGenerator->linkToRouteAbsolute("files.view.index", $linkAttr);
            }

            $createParam = [
                "dir" => "/"
            ];

            if (!empty($folderPath)) {
                $folder = $userFolder->get($folderPath);
                if (!empty($folder) && $folder->isCreatable()) {
                    $createParam["dir"] = $folderPath;
                }
            }

            $createName = match ($params["documentType"]) {
                "word" => $this->trans->t("New document") . ".docx",
                "cell" => $this->trans->t("New spreadsheet") . ".xlsx",
                "slide" => $this->trans->t("New presentation") . ".pptx",
                "pdf" => $this->trans->t("New PDF form") . ".pdf",
                default => null,
            };

            if (!empty($createName)) {
                $createParam["name"] = $createName;

                $createUrl = $this->urlGenerator->linkToRouteAbsolute($this->appName . ".editor.create_new", $createParam);
                $params["editorConfig"]["createUrl"] = $createUrl;
            }

            $templatesList = TemplateManager::getGlobalTemplates($file->getMimeType());
            if (!empty($templatesList)) {
                $templates = [];
                foreach ($templatesList as $templateItem) {
                    $createParam["templateId"] = $templateItem->getId();
                    $createParam["name"] = $templateItem->getName();

                    $templates[] = [
                        "image" => "",
                        "title" => $templateItem->getName(),
                        "url" => $this->urlGenerator->linkToRouteAbsolute($this->appName . ".editor.create_new", $createParam)
                    ];
                }

                $params["editorConfig"]["templates"] = $templates;
            }

            if (!$template) {
                $params["document"]["info"]["favorite"] = $this->isFavorite($fileId, $userId);
            }
            $params["_file_path"] = $userFolder->getRelativePath($file->getPath());
        }

        $canGoBack = $folderLink !== null;
        if ($inviewer) {
            if ($canGoBack) {
                $params["editorConfig"]["customization"]["goback"] = [
                    "url" => $folderLink
                ];
            }
        } elseif (!$desktop
            && $inframe
            && ($this->appConfig->getSameTab()
                || !empty($directToken)
                || $this->appConfig->getEnableSharing() && empty($shareToken))) {
                $params["editorConfig"]["customization"]["close"]["visible"] = true;
        } elseif ($canGoBack) {
            $params["editorConfig"]["customization"]["goback"] = [
                "url" => $folderLink
            ];
        } elseif ($inframe && !empty($shareToken)) {
            $params["editorConfig"]["customization"]["close"]["visible"] = true;
        }

        if (!$canDownload || $this->appConfig->getDisableDownload()) {
            $params["document"]["permissions"]["download"] = false;
            $params["document"]["permissions"]["print"] = false;
            $params["document"]["permissions"]["copy"] = false;
        }

        if ($inframe) {
            $params["_files_sharing"] = Server::get(\OCP\App\IAppManager::class)->isEnabledForAnyone("files_sharing");
        }

        $params = $this->setCustomization($params);

        $params = $this->setWatermark($params, !empty($shareToken), $user, $file);

        if ($this->appConfig->useDemo()) {
            $params["editorConfig"]["tenant"] = $this->appConfig->getSystemValue("instanceid", true);
        }

        if (!empty($anchor)) {
            try {
                $actionLink = json_decode($anchor, true);

                $params["editorConfig"]["actionLink"] = $actionLink;
            } catch (\Exception $e) {
                $this->logger->error("Config: $fileId decode $anchor", ["exception" => $e]);
            }
        }

        if (!empty($this->appConfig->getDocumentServerUrl())) {
            $params["documentServerUrl"] = $this->appConfig->getDocumentServerUrl();
        }

        $params['userHasMailAccounts'] = !empty($userId) && !empty($this->emailManager->getSenderAddressesFor($userId));

        if (!empty($this->appConfig->getDocumentServerSecret())) {
            $now = time();
            $iat = $now;
            $exp = $now + $this->appConfig->getJwtExpiration() * 60;
            $params["iat"] = $iat;
            $params["exp"] = $exp;
            $token = \Firebase\JWT\JWT::encode($params, $this->appConfig->getDocumentServerSecret(), "HS256");
            $params["token"] = $token;
        }

        $this->logger->debug("Config is generated for: $fileId with key $key");

        return new JSONResponse($params);
    }

    /**
     * Getting file by identifier
     *
     * @param string $userId - user identifier
     * @param integer $fileId - file identifier
     * @param string $filePath - file path
     * @param bool $template - file is template
     */
    private function getFile(?string $userId, ?int $fileId, ?string $filePath = null, bool $template = false): array {
        if (empty($userId)) {
            return [null, $this->trans->t("UserId is empty"), null];
        }

        if (empty($fileId)) {
            return [null, $this->trans->t("FileId is empty"), null];
        }

        try {
            $folder = $template ? TemplateManager::getGlobalTemplateDir() : $this->root->getUserFolder($userId);
            $files = $folder->getById($fileId);
        } catch (\Exception $e) {
            $this->logger->error("getFile: $fileId", ["exception" => $e]);
            return [null, $this->trans->t("Invalid request"), null];
        }

        if (empty($files)) {
            $this->logger->info("Files not found: $fileId");
            return [null, $this->trans->t("File not found"), null];
        }

        $file = $files[0];

        if (count($files) > 1 && !empty($filePath)) {
            $filePath = "/" . $userId . "/files" . $filePath;
            foreach ($files as $curFile) {
                if ($curFile->getPath() === $filePath) {
                    $file = $curFile;
                    break;
                }
            }
        }

        if (!$file->isReadable()) {
            return [null, $this->trans->t("You do not have enough permissions to view the file"), null];
        }

        return [$file, null, null];
    }

    /**
     * Check if file is stored on external storage, including shared files
     * that originate from external storage
     *
     * @param File $file - file to check
     */
    private function isExternalStorage(File $file): bool {
        if ($file->getMountPoint() instanceof \OCA\Files_External\Config\ExternalMountPoint) {
            return true;
        }

        $owner = $file->getOwner();
        if ($owner === null) {
            return false;
        }

        try {
            $ownerFiles = $this->root->getUserFolder($owner->getUID())->getById($file->getId());
        } catch (\Exception $e) {
            $this->logger->warning("isExternalStorage: could not resolve owner file: " . $file->getId(), ["exception" => $e]);
            return false;
        }

        return !empty($ownerFiles) && $ownerFiles[0]->getMountPoint() instanceof \OCA\Files_External\Config\ExternalMountPoint;
    }

    /**
     * Generate secure link to download document
     *
     * @param File $file - file
     * @param IUser $user - user with access
     * @param string $shareToken - access token
     * @param bool $changes - is required url to file changes
     * @param bool $template - file is template
     *
     * @return string
     */
    private function getUrl(
        File $file,
        ?IUser $user = null,
        ?string $shareToken = null,
        bool $changes = false,
        bool $template = false
    ): string {

        $data = [
            "action" => "download",
            "fileId" => $file->getId()
        ];

        $userId = null;
        if (!empty($user)) {
            $userId = $user->getUID();
            $data["userId"] = $userId;
        }
        if (!empty($shareToken)) {
            $data["shareToken"] = $shareToken;
        }
        if ($changes) {
            $data["changes"] = true;
        }
        if ($template) {
            $data["template"] = true;
        }

        $hashUrl = $this->crypt->getHash($data);

        $fileUrl = $this->urlGenerator->linkToRouteAbsolute($this->appName . ".callback.download", ["doc" => $hashUrl]);

        if (!$this->appConfig->useDemo() && !empty($this->appConfig->getStorageUrl())) {
            $fileUrl = str_replace($this->urlGenerator->getAbsoluteURL("/"), $this->appConfig->getStorageUrl(), $fileUrl);
        }

        return $fileUrl;
    }

    /**
     * Generate unique user identifier
     *
     * @param string $userId - current user identifier
     */
    private function buildUserId(string $userId): string {
        $instanceId = $this->appConfig->getSystemValue("instanceid", true);
        return $instanceId . "_" . $userId;
    }

    /**
     * Set customization parameters
     *
     * @param array params - file parameters
     */
    private function setCustomization(array $params): array {
        //default is true
        if ($this->appConfig->getCustomizationChat() === false) {
            $params["editorConfig"]["customization"]["chat"] = false;
        }

        //default is false
        if ($this->appConfig->getCustomizationCompactHeader()) {
            $params["editorConfig"]["customization"]["compactHeader"] = true;
        }

        //default is false
        if ($this->appConfig->getCustomizationFeedback()) {
            $params["editorConfig"]["customization"]["feedback"] = true;
        }

        //default is false
        if ($this->appConfig->getCustomizationForcesave()) {
            $params["editorConfig"]["customization"]["forcesave"] = true;
        }

        //default is true
        if ($this->appConfig->getCustomizationHelp() === false) {
            $params["editorConfig"]["customization"]["help"] = false;
        }

        //default is original
        $reviewDisplay = $this->appConfig->getCustomizationReviewDisplay();
        if ($reviewDisplay !== "original") {
            $params["editorConfig"]["customization"]["reviewDisplay"] = $reviewDisplay;
        }

        $theme = $this->appConfig->getCustomizationTheme();
        if (isset($theme)) {
            $params["editorConfig"]["customization"]["uiTheme"] = $theme;
        }

        //default is true
        if ($this->appConfig->getCustomizationMacros() === false) {
            $params["editorConfig"]["customization"]["macros"] = false;
        }

        //default is true
        if ($this->appConfig->getCustomizationPlugins() === false) {
            $params["editorConfig"]["customization"]["plugins"] = false;
        }

        /* from system config */

        $autosave = $this->appConfig->getSystemValue($this->appConfig->_customization_autosave);
        if (isset($autosave)) {
            $params["editorConfig"]["customization"]["autosave"] = $autosave;
        }

        $customer = $this->appConfig->getSystemValue($this->appConfig->_customization_customer);
        if (isset($customer)) {
            $params["editorConfig"]["customization"]["customer"] = $customer;
        }

        $loaderLogo = $this->appConfig->getSystemValue($this->appConfig->_customization_loaderLogo);
        if (isset($loaderLogo)) {
            $params["editorConfig"]["customization"]["loaderLogo"] = $loaderLogo;
        }

        $loaderName = $this->appConfig->getSystemValue($this->appConfig->_customization_loaderName);
        if (isset($loaderName)) {
            $params["editorConfig"]["customization"]["loaderName"] = $loaderName;
        }

        $logo = $this->appConfig->getSystemValue($this->appConfig->_customization_logo);
        if (isset($logo)) {
            $params["editorConfig"]["customization"]["logo"] = $logo;
        }

        $zoom = $this->appConfig->getSystemValue($this->appConfig->_customization_zoom);
        if (isset($zoom)) {
            $params["editorConfig"]["customization"]["zoom"] = $zoom;
        }

        return $params;
    }

    /**
     * Set watermark parameters
     *
     * @param array params - file parameters
     * @param bool isPublic - with access token
     * @param IUser $user - current user
     * @param File file - file
     */
    private function setWatermark(array $params, bool $isPublic, ?IUser $user, File $file): array {
        $userId = empty($user) ? null : $user->getUID();
        $watermarkTemplate = $this->getWatermarkText(
            $isPublic,
            $userId,
            $file,
            $params["document"]["permissions"]["edit"] !== false,
            !array_key_exists("download", $params["document"]["permissions"]) || $params["document"]["permissions"]["download"] !== false
        );

        if ($watermarkTemplate !== false) {
            if (empty($user)) {
                $userId = $this->trans->t('Anonymous');
                $userDisplayName = $this->trans->t('Anonymous');
                $email = $this->trans->t('Anonymous');
                $timezone = $this->timezoneService->getDefaultTimezone();
            } else {
                $userDisplayName = $user->getDisplayName();
                $email = $user->getEMailAddress();
                $timezone = $this->timezoneService->getUserTimezone($userId) ?? $this->timezoneService->getDefaultTimezone();
            }

            $replacements = [
                "userId" => $userId,
                "userDisplayName" => $userDisplayName,
                "email" => $email,
                "date" => (new \DateTime("now", new \DateTimeZone($timezone)))->format("Y-m-d H:i:s"),
                "themingName" => Server::get(\OCA\Theming\ThemingDefaults::class)->getName()
            ];
            $watermarkTemplate = preg_replace_callback("/{(.+?)}/", fn($matches) => $replacements[$matches[1]], $watermarkTemplate);

            $params["document"]["options"] = [
                "watermark_on_draw" => [
                    "align" => 1,
                    "height" => 100,
                    "paragraphs" => [[
                        "align" => 2,
                        "runs" => [[
                            "fill" => [182, 182, 182],
                            "font-size" => 70,
                            "text" => $watermarkTemplate,
                        ]]
                    ]],
                    "rotate" => -45,
                    "width" => 250,
                ]
            ];
        }

        return $params;
    }

    /**
     * Should watermark
     *
     * @param bool isPublic - with access token
     * @param string userId - user identifier
     * @param File file - file
     * @param bool canEdit - edit permission
     * @param bool canDownload - download permission
     *
     * @return bool|string
     */
    private function getWatermarkText(
        bool $isPublic,
        ?string $userId,
        File $file,
        bool $canEdit,
        bool $canDownload
    ): bool|string {
        $watermarkSettings = $this->appConfig->getWatermarkSettings();
        if (!$watermarkSettings["enabled"]) {
            return false;
        }

        $watermarkText = $watermarkSettings["text"];
        $fileId = $file->getId();

        if ($isPublic) {
            if ($watermarkSettings["linkAll"]) {
                return $watermarkText;
            }
            if ($watermarkSettings["linkRead"] && !$canEdit) {
                return $watermarkText;
            }
            if ($watermarkSettings["linkSecure"] && !$canDownload) {
                return $watermarkText;
            }
            if ($watermarkSettings["linkTags"]) {
                $tags = $watermarkSettings["linkTagsList"];
                $fileTags = Server::get(ISystemTagObjectMapper::class)->getTagIdsForObjects([$fileId], "files")[$fileId];
                foreach ($fileTags as $tagId) {
                    if (in_array((string) $tagId, $tags, true)) {
                        return $watermarkText;
                    }
                }
            }
        } else {
            if ($watermarkSettings["shareAll"]
                && ($file->getOwner() === null || $file->getOwner()->getUID() !== $userId)) {
                return $watermarkText;
            }
            if ($watermarkSettings["shareRead"] && !$canEdit) {
                return $watermarkText;
            }
        }
        if ($watermarkSettings["allGroups"]
            && $userId !== null) {
            $groups = $watermarkSettings["allGroupsList"];
            foreach ($groups as $group) {
                if (Server::get(\OCP\IGroupManager::class)->isInGroup($userId, $group)) {
                    return $watermarkText;
                }
            }
        }
        if ($watermarkSettings["allTags"]) {
            $tags = $watermarkSettings["allTagsList"];
            $fileTags = Server::get(ISystemTagObjectMapper::class)->getTagIdsForObjects([$fileId], "files")[$fileId];
            foreach ($fileTags as $tagId) {
                if (in_array((string) $tagId, $tags, true)) {
                    return $watermarkText;
                }
            }
        }

        return false;
    }

    /**
     * Check file favorite
     *
     * @param integer $fileId - file identifier
     * @param string $userId - user identifier
     *
     * @return bool
     */
    private function isFavorite(int $fileId, ?string $userId = null): bool {
        $currentTags = $this->tagManager->load("files", [], false, $userId)->getTagsForObjects([$fileId]);
        if ($currentTags) {
            return in_array(ITags::TAG_FAVORITE, $currentTags[$fileId], true);
        }

        return false;
    }
}