<?php
/*
 * Copyright (C) Ascensio System SIA, 2009-2026
 *
 * This program is a free software product. You can redistribute it and/or
 * modify it under the terms of the GNU Affero General Public License (AGPL)
 * version 3 as published by the Free Software Foundation, together with the
 * additional terms provided in the LICENSE file.
 *
 * This program is distributed WITHOUT ANY WARRANTY; without even the implied
 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. For
 * details, see the GNU AGPL at: https://www.gnu.org/licenses/agpl-3.0.html
 *
 * You can contact Ascensio System SIA by email at info@onlyoffice.com
 * or by postal mail at 20A-6 Ernesta Birznieka-Upisha Street, Riga,
 * LV-1050, Latvia, European Union.
 *
 * The interactive user interfaces in modified versions of the Program
 * are required to display Appropriate Legal Notices in accordance with
 * Section 5 of the GNU AGPL version 3.
 *
 * No trademark rights are granted under this License.
 *
 * All non-code elements of the Product, including illustrations,
 * icon sets, and technical writing content, are licensed under the
 * Creative Commons Attribution-ShareAlike 4.0 International License:
 * https://creativecommons.org/licenses/by-sa/4.0/legalcode
 *
 * This license applies only to such non-code elements and does not
 * modify or replace the licensing terms applicable to the Program's
 * source code, which remains licensed under the GNU Affero General
 * Public License v3.
 *
 * SPDX-License-Identifier: AGPL-3.0-only
 */

namespace OCA\Onlyoffice;

use OCA\Files_Versions\Versions\IVersion;
use OCP\Constants;
use OCP\Files\File;
use OCP\Files\Folder;
use OCP\Files\NotFoundException;
use OCP\IL10N;
use OCP\ISession;
use OCP\Share\Exceptions\ShareNotFound;
use OCP\Share\IManager;
use OCP\Share\IShare;
use Psr\Log\LoggerInterface;

/**
 * File utility
 *
 * @package OCA\Onlyoffice
 */
class FileUtility {

    public function __construct(
        private readonly IL10N $trans,
        private readonly LoggerInterface $logger,
        private readonly AppConfig $appConfig,
        private readonly IManager $shareManager,
        private readonly ISession $session,
        private readonly KeyManager $keyManager
    ) {}

    /**
     * Getting file by token
     *
     * @param integer $fileId - file identifier
     * @param string $shareToken - access token
     * @param string $path - file path
     */
    public function getFileByToken(?int $fileId, string $shareToken, ?string $path = null): array {
        [$node, $error, $share] = $this->getNodeByToken($shareToken);

        if (isset($error)) {
            return [null, $error, null];
        }

        if ($node instanceof Folder) {
            if ($fileId !== null && $fileId !== 0) {
                try {
                    $files = $node->getById($fileId);
                } catch (\Exception $e) {
                    $this->logger->error("getFileByToken: $fileId", ["exception" => $e]);
                    return [null, $this->trans->t("Invalid request"), null];
                }

                if (empty($files)) {
                    $this->logger->info("Files not found: $fileId");
                    return [null, $this->trans->t("File not found"), null];
                }
                $file = $files[0];
            } else {
                try {
                    $file = $node->get($path);
                } catch (\Exception $e) {
                    $this->logger->error("getFileByToken for path: $path", ["exception" => $e]);
                    return [null, $this->trans->t("Invalid request"), null];
                }
            }
        } else {
            $file = $node;
        }

        return [$file, null, $share];
    }

    /**
     * Get a file by token
     */
    public function getNodeByToken(string $shareToken): array {
        [$share, $error] = $this->getShare($shareToken);

        if (isset($error)) {
            return [null, $error, null];
        }

        if (($share->getPermissions() & Constants::PERMISSION_READ) === 0) {
            return [null, $this->trans->t("You do not have enough permissions to view the file"), null];
        }

        try {
            $node = $share->getNode();
        } catch (NotFoundException $e) {
            $this->logger->error("getNodeByToken error", ["exception" => $e]);
            return [null, $this->trans->t("File not found"), null];
        }

        return [$node, null, $share];
    }

    /**
     * Getting share by token
     *
     * @param string $shareToken - access token
     */
    public function getShare(string $shareToken): array {
        if (empty($shareToken)) {
            return [null, $this->trans->t("FileId is empty")];
        }

        try {
            $share = $this->shareManager->getShareByToken($shareToken);
        } catch (ShareNotFound $e) {
            $this->logger->error("getShare error", ["exception" => $e]);
            $share = null;
        }

        if ($share === null || $share === false) {
            return [null, $this->trans->t("You do not have enough permissions to view the file")];
        }

        $authenticatedLinks = $this->session->get('public_link_authenticated');

        $isAuthenticated = is_array($authenticatedLinks) && in_array($share->getId(), $authenticatedLinks, true);
        $isAuthenticated = $isAuthenticated || $authenticatedLinks === (string) $share->getId();

        if ($share->getPassword() && !$isAuthenticated) {
            return [null, $this->trans->t("You do not have enough permissions to view the file")];
        }

        return [$share, null];
    }

    /**
     * Generate unique document identifier
     *
     * @param File $file - file
     * @param bool $origin - request from federated store
     *
     * @return string
     */
    public function getKey(File $file, bool $origin = false): string {
        $fileId = $file->getId();

        if ($origin
            && RemoteInstance::isRemoteFile($file)) {
            $key = RemoteInstance::getRemoteKey($file);
            if (!empty($key)) {
                return $key;
            }
        }

        $key = $this->keyManager->get($fileId);

        if (empty($key)) {
            $instanceId = $this->appConfig->getSystemValue("instanceid", true);

            $key = $instanceId . "_" . $this->GUID();

            $this->keyManager->set($fileId, $key);
        }

        return $key;
    }

    /**
     * Generate unique identifier
     */
    private function GUID(): string {
        if (function_exists("com_create_guid")) {
            return trim(com_create_guid(), "{}");
        }

        return sprintf('%04X%04X-%04X-%04X-%04X-%04X%04X%04X', mt_rand(0, 65535), mt_rand(0, 65535), mt_rand(0, 65535), mt_rand(16384, 20479), mt_rand(32768, 49151), mt_rand(0, 65535), mt_rand(0, 65535), mt_rand(0, 65535));
    }

    /**
     * Generate unique file version key
     *
     * @param \OCA\Files_Versions\Versions\IVersion $version - file version
     */
    public function getVersionKey(IVersion $version): string {
        $instanceId = $this->appConfig->getSystemValue("instanceid", true);

        return $instanceId . "_" . $version->getSourceFile()->getEtag() . "_" . $version->getRevisionId();
    }

    /**
     * The method checks download permission
     *
     * @param IShare $share - share object
     *
     * @return bool
     */
    public static function canShareDownload(IShare $share): bool {
        $can = true;

        $downloadAttribute = self::getShareAttrubute($share, "download");
        if (isset($downloadAttribute)) {
            $can = $downloadAttribute;
        }

        return $can;
    }

    /**
     * The method extracts share attribute
     *
     * @param IShare $share - share object
     * @param string $attribute - attribute name
     *
     * @return bool|null
     */
    private static function getShareAttrubute(IShare $share, string $attribute) {
        $attributes = null;
        if (method_exists(IShare::class, "getAttributes")) {
            $attributes = $share->getAttributes();
        }

        return isset($attributes) ? $attributes->getAttribute("permissions", $attribute) : null;
    }
}