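package at.gv.egovernment.moa.id.configuration.validation;

import java.util.ArrayList;
import java.util.List;

import org.apache.log4j.Logger;

import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
import at.gv.egovernment.moa.id.configuration.data.UserDatabaseFrom;
import at.gv.egovernment.moa.id.configuration.helper.AuthenticationHelper;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.util.MiscUtil;

/**
 * Server-side validation of the "edit user" form of the configuration tool.
 *
 * <p>Every text field is checked with
 * {@code ValidationHelper.containsPotentialCSSCharacter(value, false)}; the mail
 * address is checked with {@code ValidationHelper.isEmailAddressFormat}. Rejected
 * values are written to the log only after control characters have been
 * neutralised (see {@link #sanitizeForLog(String)}), because a value that has just
 * failed input validation is attacker-controlled by definition.
 *
 * <p>NOTE(review): this class rejects suspicious input, it does not encode output.
 * Pages that render these fields presumably still need context-aware escaping;
 * confirm in the view layer.
 */
public class UserDatabaseFormValidator {

    private static final Logger log = Logger.getLogger(UserDatabaseFormValidator.class);

    /**
     * Validates all fields of the user form and collects localized error messages.
     *
     * <p>Side effects on {@code form}: the username is reset to {@code ""} when it
     * collides with another stored user, and it is filled from the stored record
     * when the form leaves it empty and a record for {@code userID} exists.
     *
     * @param form   the submitted form values
     * @param userID database id of the user being edited; when {@code -1}, no stored
     *               record is consulted and username and password are mandatory
     * @return the error messages in field order; empty when the form is valid
     */
    public List<String> validate(UserDatabaseFrom form, long userID) {
        List<String> errors = new ArrayList<String>();

        requireCleanText(form.getGivenName(), "GivenName",
                "validation.edituser.givenname.valid",
                "validation.edituser.givenname.empty", errors);

        requireCleanText(form.getFamilyName(), "FamilyName",
                "validation.edituser.familyname.valid",
                "validation.edituser.familyname.empty", errors);

        requireCleanText(form.getInstitut(), "Organisation",
                "validation.edituser.institut.valid",
                "validation.edituser.institut.empty", errors);

        String check = form.getMail();
        if (MiscUtil.isNotEmpty(check)) {
            if (!ValidationHelper.isEmailAddressFormat(check)) {
                log.warn("Mailaddress is not valid: " + sanitizeForLog(check));
                errors.add(LanguageHelper.getErrorString("validation.edituser.mail.valid",
                        new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}));
            }
        } else {
            log.warn("Mailaddress is empty");
            errors.add(LanguageHelper.getErrorString("validation.edituser.mail.empty"));
        }

        requireCleanText(form.getPhone(), "Phonenumber",
                "validation.edituser.phone.valid",
                "validation.edituser.phone.empty", errors);

        check = form.getUsername();
        if (MiscUtil.isNotEmpty(check)) {
            // The uniqueness lookup only runs for names that passed the character check.
            if (!reportForbiddenCharacters(check, "Username",
                    "validation.edituser.username.valid", errors)) {
                UserDatabase dbuser = ConfigurationDBRead.getUserWithUserName(check);
                // A hit is a conflict only when it belongs to a different record.
                if (dbuser != null && userID != dbuser.getHjid()) {
                    log.warn("Username " + sanitizeForLog(check) + " exists in UserDatabase");
                    errors.add(LanguageHelper.getErrorString(
                            "validation.edituser.username.duplicate"));
                    form.setUsername("");
                }
            }
        } else {
            if (userID == -1) {
                log.warn("Username is empty");
                errors.add(LanguageHelper.getErrorString("validation.edituser.username.empty"));
            } else {
                // Editing an existing user: an empty field keeps the stored username.
                UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userID);
                if (dbuser == null) {
                    log.warn("Username is empty");
                    errors.add(LanguageHelper.getErrorString(
                            "validation.edituser.username.empty"));
                } else {
                    form.setUsername(dbuser.getUsername());
                }
            }
        }

        check = form.getPassword();
        if (MiscUtil.isEmpty(check)) {
            if (userID == -1) {
                log.warn("Password is empty");
                errors.add(LanguageHelper.getErrorString("validation.edituser.password.empty"));
            } else {
                // An empty password is accepted only if the stored record already has one.
                UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userID);
                if (dbuser == null || MiscUtil.isEmpty(dbuser.getPassword())) {
                    log.warn("Password is empty");
                    errors.add(LanguageHelper.getErrorString(
                            "validation.edituser.password.empty"));
                }
            }
        } else {
            // The password itself is never logged; only the outcome reaches the user.
            if (check.equals(form.getPassword_second())) {
                // The derived key is discarded here: a null result is the rejection signal.
                String key = AuthenticationHelper.generateKeyFormPassword(check);
                if (key == null) {
                    errors.add(LanguageHelper.getErrorString(
                            "validation.edituser.password.valid"));
                }
            } else {
                errors.add(LanguageHelper.getErrorString("validation.edituser.password.equal"));
            }
        }

        // The bPK is optional: it is only checked when present.
        check = form.getBpk();
        if (MiscUtil.isNotEmpty(check)) {
            reportForbiddenCharacters(check, "BPK", "validation.edituser.bpk.valid", errors);
        }

        return errors;
    }

    /**
     * Validates a mandatory free-text field: it must be non-empty and must not
     * contain characters flagged by {@code ValidationHelper}.
     *
     * @param value      submitted field value
     * @param label      field name used in the log message
     * @param invalidKey message key for a value with forbidden characters
     * @param emptyKey   message key for a missing value
     * @param errors     list that receives the error message, if any
     */
    private static void requireCleanText(String value, String label, String invalidKey,
            String emptyKey, List<String> errors) {
        if (MiscUtil.isNotEmpty(value)) {
            reportForbiddenCharacters(value, label, invalidKey, errors);
        } else {
            log.warn(label + " is empty");
            errors.add(LanguageHelper.getErrorString(emptyKey));
        }
    }

    /**
     * Logs and records an error when {@code value} contains characters flagged by
     * {@code ValidationHelper.containsPotentialCSSCharacter(value, false)}.
     *
     * @param value      non-empty submitted field value
     * @param label      field name used in the log message
     * @param invalidKey message key for the error shown to the user
     * @param errors     list that receives the error message, if any
     * @return {@code true} when the value was rejected
     */
    private static boolean reportForbiddenCharacters(String value, String label,
            String invalidKey, List<String> errors) {
        if (!ValidationHelper.containsPotentialCSSCharacter(value, false)) {
            return false;
        }
        log.warn(label + " contains potentail XSS characters: " + sanitizeForLog(value));
        errors.add(LanguageHelper.getErrorString(invalidKey,
                new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}));
        return true;
    }

    /**
     * Replaces control characters (CR, LF, TAB, ESC, ...) with {@code '_'} so that a
     * rejected form value cannot start a forged log record or inject terminal
     * escape sequences when the log is viewed.
     *
     * <p>NOTE(review): this neutralises log forging only. The logged values are still
     * personal data (names, mail address, bPK) and may contain markup, so a
     * browser-based log viewer has to escape them; confirm whether these fields
     * should be logged in full at all.
     *
     * @param value the untrusted value, may be {@code null}
     * @return the value with every ISO control character replaced
     */
    private static String sanitizeForLog(String value) {
        if (value == null) {
            return "null";
        }
        StringBuilder cleaned = new StringBuilder(value.length());
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            cleaned.append(Character.isISOControl(c) ? '_' : c);
        }
        return cleaned.toString();
    }
}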