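module RailsConnector
  # Controller mixin providing filters that load a CMS object, check that it
  # is active and permitted for the current user, and deliver its body.
  #
  # All instance methods below are protected, so they are usable as filters
  # but are not routable as controller actions.
  #
  # @api public
  module CmsAccessible
    protected

    # Filter method to load a CMS object.
    #
    # Runs CmsEnv against the request env and reads the result from
    # +request.env[CmsEnv::OBJ_ENV_KEY]+. If that slot holds a StandardError
    # it is raised; otherwise the value is stored in +@obj+.
    #
    # To require the loading for all actions, use this in your controllers:
    #   before_action :load_object
    def load_object
      CmsEnv.new(request.env).load
      loaded_obj = request.env[CmsEnv::OBJ_ENV_KEY]
      raise loaded_obj if loaded_obj.is_a?(StandardError)

      @obj = loaded_obj
    end

    # Filter method to check if the already loaded object is active. If it is
    # not, a 410 Gone error message will be generated (by calling
    # render_obj_error).
    #
    # +@valid_from+ and +@valid_until+ are kept for the error template, while
    # +@obj+ itself is cleared before rendering.
    #
    # To require the check for all actions, use this in your controllers:
    #   before_action :load_object
    #   before_action :ensure_object_is_active
    #
    # @return [true]
    def ensure_object_is_active
      unless @obj.active?
        @valid_from = @obj.valid_from
        @valid_until = @obj.valid_until
        @obj = nil
        render_obj_error(410, "gone")
      end
      true
    end

    # Filter method to check if access to the loaded object is permitted. If it
    # is not, a 403 Forbidden error message will be generated (by calling
    # render_obj_error).
    #
    # +@obj+ is cleared before the error page is rendered, so the error
    # template has no reference to the object the user may not see.
    #
    # To require the check for all actions, use this in your controllers:
    #   before_action :load_object
    #   before_action :ensure_object_is_permitted
    #
    # @return [true]
    def ensure_object_is_permitted
      unless is_permitted(@obj)
        @obj = nil
        render_obj_error(403, "forbidden")
      end
      true
    end

    # This method is called when rendering an error caused by either
    # {ensure_object_is_permitted} or {ensure_object_is_active} before filter.
    # It renders an error template located in "errors/*.html.erb" with the
    # given HTTP status and content type "text/html" and with no layout.
    # Overwrite this method to change the error page.
    #
    # @param status [Integer] HTTP status code, also used in the template name
    # @param name [String] suffix of the template name (e.g. "gone")
    # @api public
    def render_obj_error(status, name)
      force_html_format
      render(
        template: "errors/#{status}_#{name}",
        layout: false,
        status: status,
        content_type: Mime[:html]
      )
    end

    # Enforce "html" as template format.
    # @api public
    def force_html_format
      request.format = :html
    end

    # Inclusion hook to make is_permitted available as helper method.
    def self.included(base)
      base.__send__ :helper_method, :is_permitted
    end

    # Helper method to check live permissions.
    #
    # @param obj the CMS object to check; must respond to permitted_for_user?
    # @return whatever +obj.permitted_for_user?(current_user)+ returns
    def is_permitted(obj)
      obj.permitted_for_user?(current_user)
    end

    # Filter method which sets the 'X-Robots-Tag' response header to
    # 'unavailable_after: <date>' using the valid_until date of the current
    # object. Does nothing when no object is loaded or it has no valid_until.
    def set_google_expire_header
      return unless @obj

      expires_at = @obj.valid_until
      return unless expires_at

      # The directive belongs in the header *value*. A field name containing
      # ':' or a space is not a valid HTTP token, and servers or middleware
      # that validate header names may drop or reject such a header.
      headers["X-Robots-Tag"] = "unavailable_after: #{expires_at.rfc822}"
    end

    # Deliver the obj's body as response by file or data.
    # May respond with status 304 if an If-Modified-Since header is found.
    # @api public
    def deliver_file
      if @obj.body_data_url
        # NOTE(review): the redirect target is taken from CMS data - confirm
        # it can only ever point at the intended blob storage host.
        redirect_to enforce_protocol_from_request(@obj.body_data_url)
      elsif stale?(last_modified: @obj.last_changed.utc)
        mime_type = @obj.mime_type
        # \A anchors at the start of the string; ^ would also match after an
        # embedded newline and misclassify a multi-line value as text.
        mime_type += "; charset=utf-8" if %r{\Atext/}.match?(mime_type)

        # NOTE(review): body and MIME type come from the CMS and are served
        # inline from the application's origin - confirm that everyone who can
        # edit these objects is trusted to publish active content (text/html).
        if (filepath = @obj.body_data_path).present?
          # NOTE(review): the path is used as-is; presumably it is set by the
          # connector and never derived from request data - verify.
          send_file(File.expand_path(filepath), {
            type: mime_type,
            filename: @obj.filename,
            disposition: "inline"
          })
        else
          # generics should send its body, empty files should be delivered as
          # empty files - and not lead to an application error
          send_data @obj.body || "",
                    type: mime_type,
                    filename: @obj.filename,
                    disposition: "inline"
        end
      end
    end
  end
end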