class Spud::SpudUserModel < ActiveRecord::Base
  self.table_name = 'spud_users'
  
  acts_as_authentic do |c|
    c.transition_from_crypto_providers = Authlogic::CryptoProviders::Sha512,
    c.crypto_provider = Authlogic::CryptoProviders::SCrypt
  end

  belongs_to :role, :class_name => 'SpudRole', :foreign_key => 'spud_role_id'
  has_many :spud_user_settings

  def full_name
    if first_name.blank? && last_name.blank?
      return self.login
    end
    if self.first_name.blank?
      return self.last_name
    elsif self.last_name.blank?
      return self.first_name
    end
    return "#{self.first_name} #{self.last_name}"
  end

  # Returns true if user can view at least one dashboard app
  def has_admin_rights?
    if self.super_admin?
      return true
    else
      return Spud::Core.admin_applications.find{ |app| self.can_view_app?(app) }.present?
    end
  end

  # Returns true if the user can view a spud app based on it's key
  def can_view_app?(admin_application)
    if self.super_admin?
      return true
    else
      key = admin_application[:key]
      return self.permissions.find{ |p| p.apps.include?(key) }.present?
    end
  end

  # Check if a user has a given list of permissions
  #
  # * if one tag is supplied, return true if the tag matches
  # * if multiple tags are supplied, return true if ALL tags match
  def has_permission?(*tags)
    if self.super_admin?
      return true
    else
      my_tags = self.permissions.collect(&:tag)
      return tags.find{ |tag| !my_tags.include?(tag) }.blank?
    end
  end

  # Check if a user has at least one out of a given list of permissions
  #
  # * if one tag is supplied, return true if the tag matches
  # * if multiple tags are supplied, return true if ANY tag matches
  def has_any_permission?(*tags)
    if self.super_admin?
      return true
    else
      return self.permissions.find{ |p| tags.include?(p.tag) }.present?
    end
  end

  # Return a list of SpudPermission objects for the user's SpudRole
  def permissions
    if !self.role
      return []
    else
      return self.role.permissions
    end
  end

  # Returns an ActiveRecord::Relation performing a LIKE query against name columns
  def self.where_name_like(string)
    like = '%' + string + '%'
    return self.where('login like ? or concat(`first_name`, " ", `last_name`) like ?', like, like)
  end

  # Return an array of users who have the requested permission
  #
  # * tag - Desired permission tag string (required)
  # * include_supers - Whether to include super user (default: true)
  def self.with_permission(tag, include_supers:true)
    role_ids = SpudRolePermission.where(:spud_permission_tag => tag).pluck(:spud_role_id).uniq()
    if include_supers
      return SpudUser.where('super_admin = 1 OR spud_role_id IN (?)', role_ids)
    else
      return SpudUser.where(:spud_role_id => role_ids)
    end
  end

end