#
#
#
# get_data_util.cfv (Users)
#
#
# get_user_access_subitems_dat()
# get_user_access_dat()
# get_users_dat()
# get_profiles_dat()
#
# get_profiles_dat_for_roles_dat()
# get_roles_dat()
#


#
#
#
# get_user_access_subitems_dat()
#
#
#
	
subroutine(get_user_access_subitems_dat(
	node access_item,
	string lookup_name), (
	
	node items = access_item{lookup_name};
	
	string dat = "[";
	
	if (num_subnodes(items) > 0) then (
	
		node item;
		
		foreach item items (
			dat .= '"' . encode_json(@item) . '",';
		);
		
		dat = replace_last(dat, ",", "]");
	
	)
	else (
		dat .= "]";
	);
	
	dat;
));

#
#
#
# get_user_access_dat()
#
#
#
	
subroutine(get_user_access_dat(
	node user,
	bool is_enterprise), (

	#
	# Assembles the access node of a user
	# Note, if this is not an Enterprise version then we consider only the first access node in case of multiple access nodes.
	# (Invalid multiple access nodes could occur when switching the licensing feature from Enterprise to Pro!)
	# 
	
	string dat = "[";
	string item_dat;
	
	if (user?{"access"} and (num_subnodes(user{"access"}) > 0)) then (
	
		node item;
		int item_count = 0;
		node access_items = user{"access"};
		
		bool all_profiles;
		string profiles_dat;
		string roles_dat;
		string created_by_user;
		
		foreach item access_items (
			
			if (is_enterprise or (item_count == 0)) then (
			
				all_profiles = @item{"all_profiles"};
				profiles_dat = get_user_access_subitems_dat(item, "profiles");
				roles_dat = get_user_access_subitems_dat(item, "roles");
				created_by_user = if (@item{"created_by_user"} ne "") then (@item{"created_by_user"}) else ("root_admin");
				
				item_dat = "{";
				item_dat .= add_json("all_profiles", all_profiles, "bool");
				item_dat .= add_json("profiles", profiles_dat, "obj");
				item_dat .= add_json("roles", roles_dat, "obj");
				item_dat .= add_json("created_by_user", created_by_user, "string");
				item_dat = close_json(item_dat);
				
				dat .= item_dat . ",";
			);
			
			item_count++;
		);
	)
	else (
		
		# There is no single access item, we need to provide default data,
		# so we create an access item which actually does not access anything.
	
		item_dat = "{";
		item_dat .= add_json("all_profiles", "false", "bool");
		item_dat .= add_json("profiles", "[]", "obj");
		item_dat .= add_json("roles", "[]", "obj");
		item_dat .= add_json("created_by_user", "root_admin", "string");
		item_dat = close_json(item_dat) . ",";
		dat .= item_dat;
	);
	
	dat = replace_last(dat, ",", "]");
	
	dat;
));

#
#
#
# get_users_dat()
#
#
#
	

subroutine(get_users_dat(
	bool is_enterprise,
	string active_user_node_name,
	bool is_root_admin,
	bool is_unlimited_grants), (

	node user;
	node users = "users";
	node profiles = "profiles";
	node roles = if (is_enterprise) then ("roles_enterprise") else ("roles_standard");

	string dat = "[";
	string item_id;
	string user_item_dat;
	
	string user_node_name;
	string username;
	string user_name_label;
	string language;
	string created_by_user;
	
	string created_by_username;
	
	string report_filter_expression;
	
	string access_dat;
	node profile_item;
	node role_item;
	
	int user_count = 0;
	

	if (num_subnodes(users) > 2) then (
	
		# We only sort if there are more than 2 users because the root_admin does not count as user,
		# it is managed in a separate page.
		
		sort(users, "field:username,alphabetical,ascending", false);
	);
	
	foreach user users (
	
		user_node_name = node_name(user);
		
		if (user_node_name ne "root_admin") then (
	
			item_id = "i" . user_count;
			username = 	@user{"username"};
			user_name_label = username;
			language = if (user?{"language"}) then (@user{"language"}) else ("");
			created_by_user = if (user?{"created_by_user"}) then (@user{"created_by_user"}) else ("root_admin");
			# debug_message("#### active_user_node_name: " . active_user_node_name . "\n");
			# debug_message("#### created_by_user: " . created_by_user . "\n");
			
			if (user_node_name eq active_user_node_name) then (
				user_name_label .= " (" . lang_admin.users.logged_in . ")";
			)
			else if ((is_root_admin or is_unlimited_grants) and (active_user_node_name ne created_by_user)) then (
			
				created_by_username = if (users?{created_by_user}) then (@(users . "." . created_by_user . ".username")) else (lang_admin.users.unknown_user);
				volatile.param1 = "__param1__";
				user_name_label .= " (" . expand(lang_admin.general.by_user) . ")";
				user_name_label = replace_all(user_name_label, "__param1__", created_by_username);
			);			
			
			access_dat = get_user_access_dat(user, is_enterprise);
			
			report_filter_expression = "";
			if (is_enterprise and ?(user . ".report_filters.all_profiles.filter_expression")) then (
				report_filter_expression = @(user . ".report_filters.all_profiles.filter_expression");
			);
			
			bool auto_direct_to_reports_after_login = if (user?{"auto_direct_to_reports_after_login"}) then (@user{"auto_direct_to_reports_after_login"}) else (false);
			
						
			user_item_dat = "{";
			user_item_dat .= add_json("is_new", false , "bool"); # We use this node upon saving changes to check whether we have a new user or not
			user_item_dat .= add_json("node_name", user_node_name, "string");
			user_item_dat .= add_json("username", username, "string");
			user_item_dat .= add_json("password","", "string");
			user_item_dat .= add_json("language", language, "string");
			user_item_dat .= add_json("created_by_user", created_by_user, "string");
			user_item_dat .= add_json("access", access_dat, "obj");
			user_item_dat .= add_json("report_filter_expression", report_filter_expression, "string");
			user_item_dat .= add_json("auto_direct_to_reports_after_login", auto_direct_to_reports_after_login, "bool");
			user_item_dat = close_json(user_item_dat);
			
								
			dat .= '{';
			dat .= add_json("id", item_id, "string");
			dat .= add_json("type", "users", "string");
			dat .= add_json("label", user_name_label, "string");
			dat .= add_json("dat", user_item_dat, "obj");
			dat = close_json(dat) . ",";
			
			user_count++;
			
		); # if not root_admin
	);
	
	if (user_count > 0) then (
	
		dat =  replace_last(dat, ",", "]");
	)
	else (
	
		# There is no user, only the root_admin exists which is not shown in the users page
		dat .=  "]";
	);
	
	
	debug_message("\n\n#### users_dat:\n" . dat . "\n\n");

	dat;
));


#
#
#
# get_profiles_dat()
#
#
#
	#
	#
	# NOTE, we need all profiles also in case that the user has limited
	# grants because profiles are always shown in the access list.
	# If limited grants we need a second list which indicates
	# the profiles the user has access too!
	# Hmm, we could add a third paramter in the profiles array!
	#
	#

subroutine(get_profiles_dat, (

	int number_of_profiles = num_subnodes("profiles");
	
	# debug_message("#### get_profiles_dat() - number_of_profiles: " . number_of_profiles . "\n");

	node item;
	string dat = "[";
	
	if (number_of_profiles > 0) then (
	
		# Sort profiles
		if (number_of_profiles > 1) then (
		
			sort("profiles", "field:label,alphabetical,ascending", false);
			# debug_message("#### get_profiles_dat() -  sorting profiles OK \n");
		);
	
		foreach item "profiles" (
		
			dat .= "{";
			dat .= add_json("name", node_name(item), "string");
			dat .= add_json("label", @item{"label"}, "string");
			dat = close_json(dat) . ",";
		);
		
		dat = replace_last(dat, ",", "]");
	)
	else (
	
		dat .= "]";
	);
	
	debug_message("\n\n#### profiles_dat:\n" . dat . "\n\n");

	dat;
));


#
#
#
# get_profiles_dat_for_roles_dat()
#
#
#

subroutine(get_profiles_dat_for_roles_dat(
	bool is_all_profiles,
	node super_users_roles_profiles), (

	string dat = "[";
	
	if (!is_all_profiles and (num_subnodes(super_users_roles_profiles) > 0)) then (
	
		node item;
		string profile_name;
		
		node profiles = "profiles";
		
		foreach item super_users_roles_profiles (
		
			profile_name = node_name(item);
			
			if (profiles?{profile_name}) then (
			
				dat .= '"' . profile_name . '",';
			);
		);
	);
	
	if (dat ne "[") then (
	
		dat = replace_last(dat, ",", "]");
	)
	else (
	
		dat .= "]";
	);
	
	dat;
));

#
#
#
# get_roles_dat()
#
#
#
	

subroutine(get_roles_dat(
	bool is_enterprise,
	bool is_root_admin,
	bool is_unlimited_grants), (

	node roles = if (is_enterprise) then ("roles_enterprise") else ("roles_standard");
	
	bool is_super_users_roles = (!is_root_admin and !is_unlimited_grants);
	node super_users_roles;
	node the_super_users_role;
	bool is_all_profiles;
	string profiles_dat;
	
	if (is_super_users_roles) then (
	
		string session_id = volatile.session_id;
		super_users_roles = "sessions_cache." . session_id . ".session_info.user_grants.super_users_roles";
	);
	
	node item;
	string role_name;
	string role_label;
	string dat = "[";
	
	bool is_permission = true;
	
	if (num_subnodes(roles) > 0) then (
	
		sort(roles, "field:label,alphabetical,ascending", true);
	
		foreach item roles (
		
			role_name = node_name(item);
			role_label = get_expanded_label(@item{"label"});
		
			dat .= "{";
			dat .= add_json("name", role_name, "string");
			dat .= add_json("label", role_label, "string");
			
			if (is_super_users_roles) then (
			
				if (super_users_roles?{role_name}) then (
					is_permission = true;
					
					the_super_users_role = super_users_roles{role_name};
					is_all_profiles = @the_super_users_role{"all_profiles"};
					profiles_dat = get_profiles_dat_for_roles_dat(is_all_profiles, the_super_users_role{"profiles"});
					
					dat .= add_json("isAllProfiles", is_all_profiles, "bool");
					dat .= add_json("profiles", profiles_dat, "obj");
				)
				else (
					is_permission = false;
				);
			);
			
			dat .= add_json("isPermission", is_permission, "bool");
			
			dat = close_json(dat) . ",";
		);
		
		dat = replace_last(dat, ",", "]");
	
	)
	else (
	
		dat .= "]";
	);

	debug_message("\n\n#### roles_dat:\n" . dat . "\n\n");

	dat;
));