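module Immunio
  # Wraps cookie lookup (`[]`) on the jars it is included into, so that a
  # cookie which is present in the parent jar but for which the wrapped jar
  # returns nil is reported through the 'bad_cookie' hook.
  module CookieHooks
    extend ActiveSupport::Concern

    included do
      if method_defined? :[] # Not sure when this wouldn't exist.
        # alias_method_chain cannot be used here because of the names
        # (`[]` has no valid "_with_immunio" / "_without_immunio" spelling),
        # so the chain is built by hand.
        alias_method :lookup_without_immunio, :[]
        alias_method :[], :lookup_with_immunio
      end
    end

    # Replacement for the jar's `[]`.
    #
    # name - the cookie name being looked up.
    #
    # Returns whatever the original lookup returns. As a side effect, runs the
    # 'bad_cookie' hook when the parent jar holds a value for `name` but the
    # original lookup yields nil.
    def lookup_with_immunio(name)
      Request.time 'plugin', "#{Module.nesting[0]}::#{__method__}" do
        # Guard against a jar that has no @parent_jar: without it the raw value
        # cannot be compared, so the check is skipped instead of raising from
        # inside the application's cookie lookup.
        # NOTE(review): in that case no 'bad_cookie' report is produced at all;
        # confirm every jar class hooked below really sets @parent_jar.
        raw_cookie_value = @parent_jar && @parent_jar[name]

        # Request.pause presumably keeps the original lookup's time from being
        # attributed to the plugin timer -- confirm against Request.
        cookie_value = Request.pause('plugin', "#{Module.nesting[0]}::#{__method__}") do
          lookup_without_immunio(name)
        end

        # A raw value exists but the jar returned nothing for it.
        # NOTE(review): the raw cookie value is handed to the hook unmodified;
        # whatever consumes 'bad_cookie' should treat it as untrusted input.
        if !raw_cookie_value.nil? && cookie_value.nil?
          Immunio.run_hook!(
            'action_dispatch',
            'bad_cookie',
            key: name,
            value: raw_cookie_value
          )
        end

        cookie_value
      end
    end
  end

  # Wraps `request_parameters` so the parsed request parameters are passed to
  # the 'framework_input_params' hook in a flattened key/value form.
  module ParamsHooks
    extend ActiveSupport::Concern

    included do
      if method_defined? :request_parameters
        Immunio::Utils.alias_method_chain self, :request_parameters, :immunio
      end
    end

    protected

    # Convert key/values for lua
    #
    #   hi: 'ho'
    #   -> 'hi' => ['ho']
    #
    #   array: ['c', 'd']
    #   -> 'array' => ['c', 'd']
    #
    #   hash: { foo: ['bar', 'baz'] }
    #   -> 'hash[foo]' => ['bar', 'baz']
    #
    #   user: {
    #     name: 'john',
    #     email: 'john@example.com',
    #     address_attributes: {
    #       city: 'Montreal',
    #       id: '1'
    #     }
    #   }
    #
    # is transformed to key/value pairs:
    #
    #   'user[name]' => ['john'],
    #   'user[email]' => ['john@example.com'],
    #   'user[address_attributes][city]' => ['Montreal'],
    #   'user[address_attributes][id]' => ['1']
    #
    # hash        - the flat Hash being filled in (mutated in place).
    # key         - the parameter name at the current level.
    # value       - the parameter value: a scalar, an Array, or a Hash-like
    #               object (anything responding to `keys`).
    # nested_keys - the bracketed key path built so far, or nil at top level.
    #
    # Values responding to `open` (uploaded files) are skipped at every hash
    # nesting depth. Previously only top-level values were checked, so a file
    # nested inside a hash (e.g. 'user[avatar]') was still copied into `hash`.
    #
    # NOTE(review): elements inside an Array are passed through as they are;
    # hashes or file objects contained in arrays are neither expanded nor
    # filtered here.
    def convert_value(hash, key, value, nested_keys = nil)
      # Filter out UploadedFile.
      return if value.respond_to?(:open)

      if value.respond_to?(:keys)
        prefix = nested_keys || key.to_s
        value.each do |k, val|
          # Recursing for every entry routes leaf values through the
          # UploadedFile filter above as well.
          convert_value(hash, k, val, "#{prefix}[#{k}]")
        end
      else
        # Top-level leaves keep their original key; nested leaves are stored
        # under the bracketed path.
        hash[nested_keys || key] = [value].flatten
      end
    end

    # Replacement for `request_parameters`.
    #
    # Returns the original parameters untouched. When there are any, a
    # flattened copy is passed to the 'framework_input_params' hook first.
    #
    # NOTE(review): the flattened copy carries every parameter value as
    # received (credentials included); whatever consumes the hook should
    # handle it as sensitive data.
    def request_parameters_with_immunio
      params = request_parameters_without_immunio

      Request.time 'plugin', "#{Module.nesting[0]}::#{__method__}" do
        if params.any?
          filtered = {}
          params.each { |key, value| convert_value(filtered, key, value) }

          Immunio.run_hook!(
            'action_dispatch',
            'framework_input_params',
            params: filtered
          )
        end
      end

      params
    end
  end
end

# Install the cookie hook on each signed/encrypted jar class that exists in
# the loaded ActionDispatch version.
Immunio::Plugin.load(
  'ActionDispatch (Cookie)',
  hooks: %w(bad_cookie)
) do |plugin|
  # The class is reopened so the jar constants resolve inside
  # ActionDispatch::Cookies.
  class ActionDispatch::Cookies
    if defined? SignedCookieJar
      SignedCookieJar.send :include, Immunio::CookieHooks
    end

    if defined? UpgradeLegacySignedCookieJar
      UpgradeLegacySignedCookieJar.send :include, Immunio::CookieHooks
    end

    if defined? EncryptedCookieJar
      EncryptedCookieJar.send :include, Immunio::CookieHooks
    end

    if defined? UpgradeLegacyEncryptedCookieJar
      UpgradeLegacyEncryptedCookieJar.send :include, Immunio::CookieHooks
    end
  end

  plugin.loaded! ActionPack::VERSION::STRING
end

# Install the request-parameter hook on ActionDispatch::Request.
Immunio::Plugin.load(
  'ActionDispatch (Params)',
  hooks: %w(framework_input_params)
) do |plugin|
  ActionDispatch::Request.send :include, Immunio::ParamsHooks

  plugin.loaded! ActionPack::VERSION::STRING
end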