APIv3/src/main/java/net/frozenorb/apiv3/models/User.java

package net.frozenorb.apiv3.models;

import com.google.common.collect.ImmutableMap;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Maps;
import lombok.Getter;
import lombok.Setter;
import net.frozenorb.apiv3.APIv3;
import net.frozenorb.apiv3.serialization.ExcludeFromReplies;
import net.frozenorb.apiv3.utils.PermissionUtils;
import org.bson.Document;
import org.mindrot.jbcrypt.BCrypt;
import org.mongodb.morphia.annotations.Entity;
import org.mongodb.morphia.annotations.Id;
import org.mongodb.morphia.annotations.Indexed;

import java.util.*;

@Entity(value = "users", noClassnameStored = true)
public final class  User {

    @Getter @Id private UUID id;
    @Getter @Indexed private String lastUsername;
    @Getter @ExcludeFromReplies private Map<String, Date> aliases;
    @Getter @Setter @ExcludeFromReplies private String totpSecret;
    @Getter @Indexed @ExcludeFromReplies @Setter private String emailToken;
    @Getter @ExcludeFromReplies @Setter private Date emailTokenSet;
    @Getter @ExcludeFromReplies private String password;
    @Getter @Setter private String email;
    @Getter private String phoneNumber;
    @Getter private String lastSeenOn;
    @Getter private Date lastSeenAt;
    @Getter private Date firstSeenAt;

    public static User byId(String id) {
        try {
            return byId(UUID.fromString(id));
        } catch (Exception ex) {
            return null;
        }
    }

    public static User byId(UUID id) {
        return APIv3.getDatastore().createQuery(User.class).field("id").equal(id).get();
    }

    public static User byEmailToken(String name) {
        return APIv3.getDatastore().createQuery(User.class).field("emailToken").equal(name).get();
    }

    @Deprecated
    public static User byLastUsername(String lastUsername) {
        return APIv3.getDatastore().createQuery(User.class).field("lastUsername").equal(lastUsername).get();
    }

    public User() {} // For Morphia

    public User(UUID id, String lastUsername) {
        this.id = id;
        this.lastUsername = lastUsername;
        this.aliases = new HashMap<>();
        this.totpSecret = null;
        this.password = null;
        this.email = null;
        this.phoneNumber = null;
        this.lastSeenOn = null;
        this.lastSeenAt = new Date();
        this.firstSeenAt = new Date();

        aliases.put(lastUsername, new Date());
    }

    public boolean hasPermissionScoped(String permission, ServerGroup scope) {
        Rank highestRank = getHighestRank(scope);
        Map<String, Boolean> scopedPermissions = PermissionUtils.mergePermissions(
                PermissionUtils.getDefaultPermissions(highestRank),
                scope.calculatePermissions(highestRank)
        );

        return scopedPermissions.containsKey(permission) && scopedPermissions.get(permission);
    }

    public boolean hasPermissionAnywhere(String permission) {
        Map<String, Boolean> globalPermissions = PermissionUtils.getDefaultPermissions(getHighestRank());

        for (Map.Entry<ServerGroup, Rank> serverGroupEntry : getHighestRanks().entrySet()) {
            ServerGroup serverGroup = serverGroupEntry.getKey();
            Rank rank = serverGroupEntry.getValue();

            globalPermissions = PermissionUtils.mergePermissions(
                    globalPermissions,
                    serverGroup.calculatePermissions(rank)
            );
        }

        return globalPermissions.containsKey(permission) && globalPermissions.get(permission);
    }

    public List<Grant> getGrants() {
        return APIv3.getDatastore().createQuery(Grant.class).field("target").equal(id).asList();
    }

    public List<IPLogEntry> getIPLog() {
        return APIv3.getDatastore().createQuery(IPLogEntry.class).field("user").equal(id).asList();
    }

    public IPLogEntry getIPLogEntry(String ip) {
        IPLogEntry existing = APIv3.getDatastore().createQuery(IPLogEntry.class).field("user").equal(id).field("ip").equal(ip).get();

        if (existing == null) {
            existing = new IPLogEntry(this, ip);
            APIv3.getDatastore().save(existing);
        }

        return existing;
    }

    public List<Punishment> getPunishments() {
        return APIv3.getDatastore().createQuery(Punishment.class).field("target").equal(id).asList();
    }

    public List<Punishment> getPunishments(Collection<Punishment.PunishmentType> types) {
        return APIv3.getDatastore().createQuery(Punishment.class).field("target").equal(id).field("type").in(types).asList();
    }

    public UserMetaEntry getMeta(ServerGroup group) {
        return APIv3.getDatastore().createQuery(UserMetaEntry.class).field("user").equal(id).field("serverGroup").equal(group.getId()).get();
    }

    public void saveMeta(ServerGroup group, Document data) {
        UserMetaEntry entry = getMeta(group);

        if (entry == null) {
            APIv3.getDatastore().save(new UserMetaEntry(this, group, data));
        } else {
            entry.setData(data);
            APIv3.getDatastore().save(entry);
        }
    }

    public void seenOnServer(String username, Server server) {
        this.lastSeenOn = server.getId();
        this.lastSeenAt = new Date();
        this.aliases.put(username, new Date());
    }

    public void setPassword(char[] unencrypted) {
        this.password = BCrypt.hashpw(new String(unencrypted), BCrypt.gensalt());
    }

    public boolean checkPassword(char[] unencrypted) {
        return BCrypt.checkpw(new String(unencrypted), password);
    }

    public Rank getHighestRank() {
        return getHighestRank(null);
    }

    public Rank getHighestRank(ServerGroup serverGroup) {
        Rank highest = null;;

        for (Grant grant : getGrants()) {
            if (!grant.isActive() || (serverGroup != null && !grant.appliesOn(serverGroup))) {
                continue;
            }

            Rank rank = Rank.byId(grant.getRank());

            if (highest == null || rank.getWeight() > highest.getWeight()) {
                highest = rank;
            }
        }

        if (highest != null) {
            return highest;
        } else {
            return Rank.byId("default");
        }
    }

    public Map<ServerGroup, Rank> getHighestRanks() {
        Map<ServerGroup, Rank> highestRanks = new HashMap<>();
        Rank defaultRank = Rank.byId("default");
        List<Grant> userGrants = getGrants();

        for (ServerGroup serverGroup : ServerGroup.values()) {
            Rank highest = defaultRank;

            for (Grant grant : userGrants) {
                if (!grant.isActive() || !grant.appliesOn(serverGroup)) {
                    continue;
                }

                Rank rank = Rank.byId(grant.getRank());

                if (highest == null || rank.getWeight() > highest.getWeight()) {
                    highest = rank;
                }
            }

            highestRanks.put(serverGroup, highest);
        }

        return highestRanks;
    }

    public Map<String, Object> getLoginInfo(Server server) {
        String accessDenialReason = null;

        for (Punishment punishment : getPunishments(ImmutableSet.of(
                Punishment.PunishmentType.BLACKLIST,
                Punishment.PunishmentType.BAN
        ))) {
            if (!punishment.isActive()) {
                continue;
            }

            accessDenialReason = punishment.getAccessDenialReason();
        }

        Punishment mute = null;
        for (Punishment punishment : getPunishments(ImmutableSet.of(Punishment.PunishmentType.MUTE))) {
            if (!punishment.isActive()) {
                continue;
            }

            mute = punishment;
        }

        ServerGroup actorGroup = ServerGroup.byId(server.getGroup());
        Rank highestRank = getHighestRank(actorGroup);

        Map<String, Boolean> scopedPermissions = PermissionUtils.mergePermissions(
                PermissionUtils.getDefaultPermissions(highestRank),
                actorGroup.calculatePermissions(highestRank)
        );

        Map<String, Object> loginInfo = Maps.newHashMap();

        loginInfo.put("user", this);
        loginInfo.put("access", ImmutableMap.of(
                "allowed", accessDenialReason == null,
                "message", accessDenialReason == null ? "Public server" : accessDenialReason
        ));
        loginInfo.put("rank", highestRank.getId());
        loginInfo.put("permissions", scopedPermissions);
        loginInfo.put("totpSetup", getTotpSecret() != null);
        if (mute != null) {
            loginInfo.put("mute", mute);
        }

        return loginInfo;
    }

}