<?php
namespace App\Controllers;
use CodeIgniter\API\ResponseTrait;
use App\Controllers\BaseController;

// Users Management
class Users extends BaseController {
	use ResponseTrait;
  protected $db;
  
  public function __construct() {
			$this->db = \Config\Database::connect();
  }

  public function index() {
    $sql = "select u.USERID, u.USERLEVEL from GDC_CMOD.dbo.USERS u
      left join glendb.dbo.USERS u1 on u1.USERID=u.USERID
      where u1.LOCKEDACCOUNT is null";
			$query = $this->db->query($sql);
			$results = $query->getResultArray();
			$data['data'] = $results;

    return $this->respond(['data' => $results]);
  }

  public function create() {
			$input = $this->request->getJSON(true);
    $userid   = $input['userid'];
    $userlevel  = $input['userlevel'];
    $password   = $input['password'];
    $password_2 = $input['password_2'];

    if ($password != $password_2) {
      return $this->response->setJSON(['message'=> 'Password not the same']);
    }
    if ( strlen($password) < 3 ) {
      return $this->response->setJSON(['message'=> 'Password must be more than 2 characters']);
    }

    $sql = $this->db->query("SELECT USERID FROM gdc_cmod.dbo.USERS WHERE USERID = ?", [$userid]);
    $query = $sql->getRowArray();
    if ($query != null) {
      return $this->response->setJSON(['message'=> 'Userid already exists']);
    }

    $hashedPassword = password_hash($password, PASSWORD_DEFAULT);

    $this->db->transBegin();
    try {
      $sqlInsert = "
        INSERT INTO gdc_cmod.dbo.USERS (USERID, USERLEVEL, PASSWORD)
        VALUES (?, ?, ?)
      ";
      $this->db->query($sqlInsert, [$userid, $userlevel, $hashedPassword]);

      $this->db->transCommit();

    } catch (\Throwable $e) {
      $this->db->transRollback();
      return $this->response->setJSON(['message'=> 'Server error']);
    }

    return $this->response->setJSON(['message'=> 'User '.$userid.' Berhasil ditambahkan!']);
  }

  public function update($id = null) {
    $input = $this->request->getJSON(true);
    $userid   = $input['userid'];
    $userlevel  = $input['userlevel'];
    $password   = $input['password'];
    $password_2 = $input['password_2'];
    
    if ( $password != '' || $password_2 != '')  {
      if ($password != $password_2) {
        return $this->response->setJSON(['message'=> 'Password not the same']);
      }

      $hashedPassword = password_hash($password, PASSWORD_DEFAULT);
      $sqlUpdate ="
        UPDATE gdc_cmod.dbo.USERS 
        SET USERLEVEL = ?,
          PASSWORD = ?
        WHERE USERID = ?
      ";
      $fullUpdate = true;

    } else {
      $sqlUpdate ="
        UPDATE gdc_cmod.dbo.USERS 
        SET USERLEVEL = ?
        WHERE USERID = ?
      ";
      $fullUpdate = false;
    }

    $this->db->transBegin();
    try {

      if ($fullUpdate) {
        $this->db->query($sqlUpdate, [$userlevel, $hashedPassword, $userid]);
      } else {
        $this->db->query($sqlUpdate, [$userlevel, $userid]);
      }
      
      $this->db->transCommit();

    } catch (\Throwable $e) {
      $this->db->transRollback();
      return $this->response->setJSON(['message'=> 'Terjadi kesalahan pada server.']);
    }

    return $this->response->setJSON(['message'=> 'User '.$userid.' Berhasil Diupdate!']);
  }

}