<?php
namespace Misuzu;

use RuntimeException;
use Index\XDateTime;

if(!isset($msz) || !($msz instanceof \Misuzu\MisuzuContext))
    die('Script must be called through the Misuzu route dispatcher.');

if(!$msz->authInfo->getPerms('global')->check(Perm::G_NEWS_POSTS_MANAGE))
    Template::throwError(403);

$postId = (string)filter_input(INPUT_GET, 'p', FILTER_SANITIZE_NUMBER_INT);
$loadPostInfo = fn() => $msz->news->getPost($postId);

if(empty($postId))
    $isNew = true;
else
    try {
        $isNew = false;
        $postInfo = $loadPostInfo();
    } catch(RuntimeException $ex) {
        Template::throwError(404);
    }

if($_SERVER['REQUEST_METHOD'] === 'GET' && !empty($_GET['delete'])) {
    if(!CSRF::validateRequest())
        Template::throwError(403);

    $msz->news->deletePost($postInfo);
    $msz->createAuditLog('NEWS_POST_DELETE', [$postInfo->id]);
    Tools::redirect($msz->urls->format('manage-news-posts'));
    return;
}

while($_SERVER['REQUEST_METHOD'] === 'POST' && CSRF::validateRequest()) {
    $title = trim((string)filter_input(INPUT_POST, 'np_title'));
    $category = (string)filter_input(INPUT_POST, 'np_category', FILTER_SANITIZE_NUMBER_INT);
    $featured = !empty($_POST['np_featured']);
    $body = trim((string)filter_input(INPUT_POST, 'np_body'));

    if($isNew) {
        $postInfo = $msz->news->createPost($category, $title, $body, $featured, $msz->authInfo->userInfo);
    } else {
        if($category === $postInfo->categoryId)
            $category = null;
        if($title === $postInfo->title)
            $title = null;
        if($body === $postInfo->body)
            $body = null;
        if($featured === $postInfo->featured)
            $featured = null;

        if($category !== null || $title !== null || $body !== null || $featured !== null)
            $msz->news->updatePost($postInfo, $category, $title, $body, $featured);
    }

    $msz->createAuditLog(
        $isNew ? 'NEWS_POST_CREATE' : 'NEWS_POST_EDIT',
        [$postInfo->id]
    );

    if($isNew && $postInfo->featured) {
        $bsky = $msz->config->scopeTo('bsky');
        if($bsky->hasValues(['identifier', 'password'])) {
            try {
                $xrpc = new \Misuzu\ATProto\XrpcClient($bsky->getString('pds', 'https://bsky.social'));
                $session = $xrpc->call(
                    'com.atproto.server.createSession',
                    data: [
                        'identifier' => $bsky->getString('identifier'),
                        'password' => $bsky->getString('password'),
                    ]
                )->data;

                if(isset($session->accessJwt) && is_string($session->accessJwt)
                    && isset($session->did) && is_string($session->did)) {
                    $url = $msz->siteInfo->url . $msz->urls->format('news-post', ['post' => $postInfo->id]);
                    $body = sprintf("News :: %s\n", $postInfo->title);
                    $urlStart = strlen($body);
                    $body .= $url;
                    $urlEnd = strlen($body);

                    $xrpc->call(
                        'com.atproto.repo.createRecord',
                        headers: [
                            'authorization' => sprintf('Bearer %s', $session->accessJwt),
                        ],
                        data: [
                            'repo' => $session->did,
                            'collection' => 'app.bsky.feed.post',
                            'record' => [
                                '$type' => 'app.bsky.feed.post',
                                'createdAt' => XDateTime::toIso8601String($postInfo->createdAt),
                                'text' => $body,
                                'embed' => [
                                    '$type' => 'app.bsky.embed.external',
                                    'external' => [
                                        'uri' => $url,
                                        'title' => $postInfo->title,
                                        'description' => mb_substr($postInfo->firstParagraph, 0, 500),
                                    ],
                                ],
                                'facets' => [
                                    [
                                        'index' => [
                                            'byteStart' => $urlStart,
                                            'byteEnd' => $urlEnd,
                                        ],
                                        'features' => [
                                            [
                                                '$type' => 'app.bsky.richtext.facet#link',
                                                'uri' => $url,
                                            ],
                                        ],
                                    ],
                                ],
                            ],
                        ],
                    );

                    $xrpc->call(
                        'com.atproto.server.deleteSession',
                        headers: [
                            'authorization' => sprintf('Bearer %s', $session->accessJwt),
                        ],
                    );
                }
            } catch(RuntimeException $ex) {}
        }

        Tools::redirect($msz->urls->format('manage-news-post', ['post' => $postInfo->id]));
        return;
    } else $postInfo = $loadPostInfo();
    break;
}

$categories = [];
foreach($msz->news->getCategories() as $categoryInfo)
    $categories[$categoryInfo->id] = $categoryInfo->name;

Template::render('manage.news.post', [
    'categories' => $categories,
    'post_new' => $isNew,
    'post_info' => $postInfo ?? null,
]);