<?php

declare(strict_types=1);

namespace App\Entity;

use ApiPlatform\Doctrine\Orm\Filter\BooleanFilter;
use ApiPlatform\Doctrine\Orm\Filter\SearchFilter;
use ApiPlatform\Metadata\ApiFilter;
use ApiPlatform\Metadata\ApiResource;
use ApiPlatform\Metadata\Get;
use ApiPlatform\Metadata\GetCollection;
use ApiPlatform\Metadata\Patch;
use ApiPlatform\Metadata\Post;
use App\State\User\ActiveUsersProvider;
use App\State\User\MeProvider;
use App\State\User\UserPasswordProcessor;
use Doctrine\ORM\Mapping as ORM;
use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Serializer\Attribute\Groups;
use Symfony\Component\Serializer\Attribute\SerializedName;

#[ORM\Entity]
#[ORM\Table(name: 'user', schema: 'public')]
#[ApiFilter(SearchFilter::class, properties: ['username' => 'ipartial'])]
#[ApiFilter(BooleanFilter::class, properties: ['isLocked'])]
#[ApiResource(
    operations: [
        new Get(
            uriTemplate: '/me',
            normalizationContext: ['groups' => ['user:read']],
            security: "is_granted('ROLE_USER')",
            provider: MeProvider::class
        ),
        new Get(
            requirements: ['id' => '\d+'],
            normalizationContext: ['groups' => ['user:read']],
            security: "is_granted('ROLE_USER')"
        ),
        new Post(
            normalizationContext: ['groups' => ['user:read']],
            denormalizationContext: ['groups' => ['user:write']],
            security: "is_granted('ROLE_ADMIN')",
            processor: UserPasswordProcessor::class
        ),
        new Patch(
            normalizationContext: ['groups' => ['user:read']],
            denormalizationContext: ['groups' => ['user:write']],
            security: "is_granted('ROLE_ADMIN')",
            processor: UserPasswordProcessor::class
        ),
        new GetCollection(
            normalizationContext: ['groups' => ['user-login:read']],
            security: "is_granted('PUBLIC_ACCESS')",
            provider: ActiveUsersProvider::class
        ),
        new GetCollection(
            uriTemplate: '/admin/users',
            normalizationContext: ['groups' => ['user:read']],
            security: "is_granted('ROLE_ADMIN')",
            paginationEnabled: true
        ),
    ],
    normalizationContext: ['groups' => ['user:read']],
    paginationEnabled: false
)]
class User implements UserInterface, PasswordAuthenticatedUserInterface
{
    #[ORM\Id]
    #[ORM\GeneratedValue]
    #[ORM\Column(type: 'integer')]
    #[Groups(['user:read', 'user-login:read', 'reception:read', 'shipment:read', 'supplier:read', 'customer:read'])]
    private ?int $id = null;

    #[ORM\Column(length: 180, unique: true)]
    #[Groups(['user:read', 'user:write', 'user-login:read', 'reception:read', 'shipment:read', 'supplier:read', 'customer:read'])]
    private string $username = '';

    #[ORM\Column(type: 'json')]
    #[Groups(['user:write', 'user:read'])]
    private array $roles = [];

    #[ORM\Column]
    #[Groups(['user:write'])]
    private string $password = '';

    #[ORM\Column(type: 'boolean', options: ['default' => false])]
    #[Groups(['user:read', 'user:write'])]
    #[SerializedName('isLocked')]
    private bool $isLocked = false;

    public function getId(): ?int
    {
        return $this->id;
    }

    public function getUsername(): string
    {
        return $this->username;
    }

    public function setUsername(string $username): self
    {
        $this->username = $username;

        return $this;
    }

    public function getUserIdentifier(): string
    {
        return $this->username;
    }

    public function getRoles(): array
    {
        $roles   = $this->roles;
        $roles[] = 'ROLE_USER';

        return array_unique($roles);
    }

    public function setRoles(array $roles): self
    {
        $this->roles = $roles;

        return $this;
    }

    public function getPassword(): string
    {
        return $this->password;
    }

    public function setPassword(string $password): self
    {
        $this->password = $password;

        return $this;
    }

    public function getIsLocked(): bool
    {
        return $this->isLocked;
    }

    public function setIsLocked(bool $isLocked): self
    {
        $this->isLocked = $isLocked;

        return $this;
    }

    public function eraseCredentials(): void
    {
        // No-op: we don't store temporary sensitive data on the entity.
    }
}