/*
 * Created on Sep 29, 2005
 */
package com.ecyrd.jspwiki.plugin;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Map;

import com.ecyrd.jspwiki.WikiContext;
import com.ecyrd.jspwiki.auth.WikiAuthenticator;
import com.ecyrd.jspwiki.auth.modules.JdbcAuthenticator;

/**
 * @author sym
 */
public class JdbcAuthPlugin implements WikiPlugin {

	/* (non-Javadoc)
	 * @see com.ecyrd.jspwiki.plugin.WikiPlugin#execute(com.ecyrd.jspwiki.WikiContext, java.util.Map)
	 */
	public String execute(WikiContext context, Map params)
			throws PluginException {
		WikiAuthenticator auth = context.getEngine().getUserManager().getAuthenticator();
		if (!(auth instanceof JdbcAuthenticator)) throw new PluginException("Cannot use this plugin if the authenticator is not a JdbcAuthenticator");

		JdbcAuthenticator ja = (JdbcAuthenticator)auth;
		
        ResultSet res = null;
		Connection con = null;
		PreparedStatement checkps = null;
		StringBuffer ret = new StringBuffer();
		con = ja.getConnection();
		if (con == null) throw new PluginException("Cannot connect to database");
		try {
			String authp = context.getHttpParameter("auth");
			String resetp = context.getHttpParameter("reset");
			if (authp != null) {
				checkps = con.prepareStatement(ja.isAuthQuery);
				checkps.setString(1, authp);				
				res = checkps.executeQuery();
				if (res.next()) {
					boolean acauth = res.getBoolean(1);
					acauth = !acauth;
					res.close();
					checkps.close();
					checkps = con.prepareStatement(ja.updateAuthQuery);
					checkps.setBoolean(1, acauth);
					checkps.setString(2, authp);
					checkps.execute();
					checkps.close();
				}
			}

			if (resetp != null) {
				String npass = Long.toHexString(System.currentTimeMillis());
				npass = npass.substring(npass.length() - 10);
				checkps = con.prepareStatement(ja.updatePassQuery);
				checkps.setString(1, npass);
				checkps.setString(2, resetp);
				if (checkps.executeUpdate() != 0) {
					ret.append("<b>New password for ");
					ret.append(resetp);
					ret.append(" is ");
					ret.append(npass);
					ret.append("</b><br/><br/>");
				}
				checkps.close();
			}
			
			
			checkps = con.prepareStatement(ja.listQuery);
			res = checkps.executeQuery();
			ret.append("<table class=\"wikitable\">\n");
			ret.append("<tr><th>User</th><th>Authorized</th><th>Actions</th></tr>\n");
			while (res.next()) {
				String name = res.getString(1);
				boolean isauth = res.getBoolean(2);
				ret.append("<tr>");
				ret.append("<td>");
				ret.append(context.getEngine().textToHTML(context, "[" + name + "]"));
				ret.append("</td>");
				ret.append("<td>");
				ret.append("<a href=\"");
				ret.append(context.getEngine().getURL(WikiContext.VIEW, context.getPage().getName(), "auth=" + name, true));
				ret.append("\">");
				ret.append(isauth ? "Yes": "Not yet");
				ret.append("</a>");
				ret.append("</td>");
				ret.append("<td>");
				ret.append("<a href=\"");
				ret.append(context.getEngine().getURL(WikiContext.VIEW, context.getPage().getName(), "reset=" + name, true));
				ret.append("\">");
				ret.append("Reset password");
				ret.append("</a>");
				ret.append("</td>");
				ret.append("</tr>\n");
			}
			ret.append("</table>\n");
		} catch (SQLException e) {
			e.printStackTrace();
			throw new PluginException("Error while performing database query");
		} finally {
	        try {
				if (res != null) res.close();
			} catch (SQLException e1) {
			}
	        try {
				if (checkps != null) checkps.close();
			} catch (SQLException e2) {
			}
	        try {
				if (con != null) con.close();
			} catch (SQLException e3) {
			}
		}
		return ret.toString();
	}

}