lib/custom_wizard/action.rb

# frozen_string_literal: true
class CustomWizard::Action
  attr_accessor :submission,
                :action,
                :user,
                :guardian,
                :result

  REQUIRES_USER = %w[
    create_topic
    update_profile
    open_composer
    watch_categories
    add_to_group
  ]

  def initialize(opts)
    @wizard = opts[:wizard]
    @action = opts[:action]
    @user = @wizard.user
    @guardian = Guardian.new(@user)
    @submission = opts[:submission]
    @log = []
    @result = CustomWizard::ActionResult.new
  end

  def perform
    if REQUIRES_USER.include?(action['id']) && !@user
      log_error("action requires user", "id: #{action['id']};")
      @result.success = false
      return @result
    end

    ActiveRecord::Base.transaction do
      self.send(action['type'].to_sym)
    end

    if creates_post? && @result.success?
      @result.handler.enqueue_jobs
    end

    if @result.success? && @result.output.present?
      @submission.fields[action['id']] = @result.output
    end

    save_log

    @result.submission = @submission
    @result
  end

  def mapper_data
    @mapper_data ||= @submission&.fields_and_meta || {}
  end

  def mapper
    @mapper ||= CustomWizard::Mapper.new(user: user, data: mapper_data)
  end

  def callbacks_for(action)
    self.class.callbacks[action] || []
  end

  def create_topic
    params = basic_topic_params.merge(public_topic_params)

    callbacks_for(:before_create_topic).each do |acb|
      params = acb.call(params, @wizard, @action, @submission)
    end

    if params[:title].present? && params[:raw].present?
      creator = PostCreator.new(user, params)
      post = creator.create

      if creator.errors.present?
        messages = creator.errors.full_messages.join(" ")
        log_error("failed to create", messages)
      elsif action['skip_redirect'].blank?
        @submission.redirect_on_complete = post.topic.url
      end

      if creator.errors.blank?
        log_success("created topic", "id: #{post.topic.id}")
        result.handler = creator
        result.output = post.topic.id
      end
    else
      log_error("invalid topic params", "title: #{params[:title]}; post: #{params[:raw]}")
    end
  end

  def send_message
    if action['required'].present?
      required = CustomWizard::Mapper.new(
        inputs: action['required'],
        data: mapper_data,
        user: user
      ).perform

      if required.blank?
        log_error("required input not present")
        return
      end
    end

    params = basic_topic_params
    params.delete(:tags) unless user_can_tag

    targets = CustomWizard::Mapper.new(
      inputs: action['recipient'],
      data: mapper_data,
      user: user,
      multiple: true
    ).perform

    if targets.blank?
      log_error("no recipients", "send_message has no recipients")
      return
    end

    params[:target_group_names] = []
    params[:target_usernames] = []
    targets.each do |target|
      if Group.find_by(name: target)
        params[:target_group_names] << target
      elsif User.find_by_username(target)
        params[:target_usernames] << target
      else
        #
      end
    end

    if params[:title].present? &&
       params[:raw].present? &&
       (params[:target_usernames].present? ||
        params[:target_group_names].present?)

      params[:archetype] = Archetype.private_message

      poster = user || Discourse.system_user
      creator = PostCreator.new(poster, params)
      post = creator.create

      if creator.errors.present?
        messages = creator.errors.full_messages.join(" ")
        log_error("failed to create message", messages)
      elsif user && action['skip_redirect'].blank?
        @submission.redirect_on_complete = post.topic.url
      end

      if creator.errors.blank?
        log_success("created message", "id: #{post.topic.id}")
        result.handler = creator
        result.output = post.topic.id
      end
    else
      log_error(
        "invalid message params",
        "title: #{params[:title]}; post: #{params[:raw]}; recipients: #{params[:target_usernames]}"
      )
    end
  end

  def update_profile
    params = {}

    if (profile_updates = action['profile_updates'])
      profile_updates.first[:pairs].each do |pair|
        if allowed_profile_field?(pair['key'])
          key = cast_profile_key(pair['key'])
          value = cast_profile_value(
            mapper.map_field(
              pair['value'],
              pair['value_type']
            ),
            pair['key']
          )

          if user_field?(pair['key'])
            params[:custom_fields] ||= {}
            params[:custom_fields][key] = value
          else
            params[key.to_sym] = value
          end
        end
      end
    end

    params = add_custom_fields(params)

    if params.present?
      result = UserUpdater.new(Discourse.system_user, user).update(params)

      if params[:avatar].present?
        result = update_avatar(params[:avatar])
      end

      if result
        log_success("updated profile fields", "fields: #{params.keys.map(&:to_s).join(',')}")
      else
        log_error("failed to update profile fields", "result: #{result.inspect}")
      end
    else
      log_error("invalid profile fields params", "params: #{params.inspect}")
    end
  end

  def watch_tags
    tags = CustomWizard::Mapper.new(
      inputs: action['tags'],
      data: mapper_data,
      user: user
    ).perform

    tags = [*tags]
    level = action['notification_level'].to_sym

    if level.blank?
      log_error("Notifcation Level was not set. Exiting watch tags action")
      return
    end

    users = []

    if action['usernames']
      mapped_users = CustomWizard::Mapper.new(
        inputs: action['usernames'],
        data: mapper_data,
        user: user
      ).perform

      if mapped_users.present?
        mapped_users = mapped_users.split(',')
          .map { |username| User.find_by(username: username) }
        users.push(*mapped_users)
      end
    end

    if ActiveRecord::Type::Boolean.new.cast(action['wizard_user'])
      users.push(user)
    end

    users.each do |user|
      result = TagUser.batch_set(user, level, tags)

      if result
        log_success("#{user.username} notifications for #{tags} set to #{level}")
      else
        log_error("failed to set #{user.username} notifications for #{tags} to #{level}")
      end
    end
  end

  def watch_categories
    watched_categories = CustomWizard::Mapper.new(
      inputs: action['categories'],
      data: mapper_data,
      user: user
    ).perform

    watched_categories = [*watched_categories].map(&:to_i)

    notification_level = action['notification_level']

    if notification_level.blank?
      log_error("Notifcation Level was not set. Exiting wizard action")
      return
    end

    mute_remainder = CustomWizard::Mapper.new(
      inputs: action['mute_remainder'],
      data: mapper_data,
      user: user
    ).perform

    users = []

    if action['usernames']
      mapped_users = CustomWizard::Mapper.new(
        inputs: action['usernames'],
        data: mapper_data,
        user: user
      ).perform

      if mapped_users.present?
        mapped_users = mapped_users.split(',')
          .map { |username| User.find_by(username: username) }
        users.push(*mapped_users)
      end
    end

    if ActiveRecord::Type::Boolean.new.cast(action['wizard_user'])
      users.push(user)
    end

    category_ids = Category.all.pluck(:id)
    set_level = CategoryUser.notification_levels[notification_level.to_sym]
    mute_level = CategoryUser.notification_levels[:muted]

    users.each do |user|
      category_ids.each do |category_id|
        new_level = nil

        if watched_categories.include?(category_id) && set_level != nil
          new_level = set_level
        elsif mute_remainder
          new_level = mute_level
        end

        if new_level
          CategoryUser.set_notification_level_for_category(user, new_level, category_id)
        end
      end

      if watched_categories.any?
        log_success("#{user.username} notifications for #{watched_categories} set to #{set_level}")
      end

      if mute_remainder
        log_success("#{user.username} notifications for all other categories muted")
      end
    end
  end

  def send_to_api
    api_body = nil

    if action['api_body'] != ""
      begin
        api_body_parsed = JSON.parse(action['api_body'])
      rescue JSON::ParserError
        raise Discourse::InvalidParameters, "Invalid API body definition: #{action['api_body']} for #{action['title']}"
      end
      api_body = JSON.parse(mapper.interpolate(JSON.generate(api_body_parsed)))
    end

    result = CustomWizard::Api::Endpoint.request(user, action['api'], action['api_endpoint'], api_body)

    if error = result['error'] || (result[0] && result[0]['error'])
      error = error['message'] || error
      log_error("api request failed", "message: #{error}")
    else
      log_success("api request succeeded", "result: #{result}")
    end
  end

  def open_composer
    params = basic_topic_params

    if params[:title].present? && params[:raw].present?
      url = "/new-topic?title=#{encode_query_param(params[:title])}"
      url += "&body=#{encode_query_param(params[:raw])}"

      if category_id = action_category
        url += "&category_id=#{category_id}"
      end

      if tags = action_tags
        url += "&tags=#{tags.join(',')}"
      end

      route_to = Discourse.base_uri + url
      @result.output = @submission.route_to = route_to

      log_success("route: #{route_to}")
    else
      log_error("invalid composer params", "title: #{params[:title]}; post: #{params[:raw]}")
    end
  end

  def add_to_group
    group_map = CustomWizard::Mapper.new(
      inputs: action['group'],
      data: mapper_data,
      user: user,
      opts: {
        multiple: true
      }
    ).perform

    group_map = group_map.flatten.compact

    unless group_map.present?
      log_error("invalid group map")
      return
    end

    groups = group_map.reduce([]) do |result, g|
      begin
        result.push(Integer(g))
      rescue ArgumentError
        group = Group.find_by(name: g)
        result.push(group.id) if group
      end

      result
    end

    result = nil

    if groups.present?
      groups.each do |group_id|
        group = Group.find(group_id) if group_id
        result = group.add(user) if group
      end
    end

    if result
      log_success("added to groups", "groups: #{groups.map(&:to_s).join(',')}")
    else
      detail = groups.present? ? "groups: #{groups.map(&:to_s).join(',')}" : nil
      log_error("failed to add to groups", detail)
    end
  end

  def route_to
    return unless (url_input = action['url']).present?

    if url_input.is_a?(String)
      url = mapper.interpolate(url_input)
    else
      url = CustomWizard::Mapper.new(
        inputs: url_input,
        data: mapper_data,
        user: user
      ).perform
    end

    if action['code']
      @submission.fields[action['code']] = SecureRandom.hex(8)
      url += "&#{action['code']}=#{@submission.fields[action['code']]}"
    end

    route_to = UrlHelper.encode(url)
    @submission.route_to = route_to

    log_info("route: #{route_to}")
  end

  def create_group
    group =
      begin
        Group.new(new_group_params.except(:usernames, :owner_usernames))
      rescue ArgumentError => e
        raise Discourse::InvalidParameters, "Invalid group params"
      end

    if group.save
      def get_user_ids(username_string)
        User.where(username: username_string.split(",")).pluck(:id)
      end

      if new_group_params[:owner_usernames].present?
        owner_ids = get_user_ids(new_group_params[:owner_usernames])
        owner_ids.each { |user_id| group.group_users.build(user_id: user_id, owner: true) }
      end

      if new_group_params[:usernames].present?
        user_ids = get_user_ids(new_group_params[:usernames])
        if user_ids.count < new_group_params[:usernames].count
          log_error("Warning, group creation: some users were not found!")
        end
        user_ids -= owner_ids if owner_ids
        user_ids.each { |user_id| group.group_users.build(user_id: user_id) }
      end

      if group.save
        log_success("Group created", group.name)
      end

      result.output = group.name
    else
      log_error("Group creation failed", group.errors.messages)
    end
  end

  def create_category
    category =
      begin
        Category.new(new_category_params.merge(user: user))
      rescue ArgumentError => e
        raise Discourse::InvalidParameters, "Invalid category params"
      end

    if category.save
      StaffActionLogger.new(user).log_category_creation(category)
      log_success("Category created", category.name)
      result.output = category.id
    else
      log_error("Category creation failed", category.errors.messages)
    end
  end

  def self.callbacks
    @callbacks ||= {}
  end

  def self.register_callback(action, &block)
    callbacks[action] ||= []
    callbacks[action] << block
  end

  private

  def action_category
    output = CustomWizard::Mapper.new(
      inputs: action['category'],
      data: mapper_data,
      user: user
    ).perform

    return false unless output.present?

    if output.is_a?(Array)
      output.first
    elsif output.is_a?(Integer)
      output
    elsif output.is_a?(String)
      output.to_i
    end
  end

  def action_tags
    output = CustomWizard::Mapper.new(
      inputs: action['tags'],
      data: mapper_data,
      user: user,
    ).perform

    return false unless output.present?

    if output.is_a?(Array)
      output.flatten
    else output.is_a?(String)
      [*output]
    end
  end

  def add_custom_fields(params = {})
    if (custom_fields = action['custom_fields']).present?
      field_map = CustomWizard::Mapper.new(
        inputs: custom_fields,
        data: mapper_data,
        user: user
      ).perform
      registered_fields = CustomWizard::CustomField.full_list

      field_map.each do |field|
        keyArr = field[:key].split('.')
        value = field[:value]

        if keyArr.length > 1
          klass = keyArr.first.to_sym
          name = keyArr.second

          if keyArr.length === 3 && name.include?("{}")
            name = name.gsub("{}", "")
            json_attr = keyArr.last
            type = :json
          end
        else
          name = keyArr.first
        end

        registered = registered_fields.select { |f| f.name == name }.first
        if registered.present?
          klass = registered.klass.to_sym
          type = registered.type.to_sym
        end

        next if type === :json && json_attr.blank?

        if klass === :topic
          params[:topic_opts] ||= {}
          params[:topic_opts][:custom_fields] ||= {}

          if type === :json
            params[:topic_opts][:custom_fields][name] ||= {}
            params[:topic_opts][:custom_fields][name][json_attr] = value
          else
            params[:topic_opts][:custom_fields][name] = value
          end
        else
          if type === :json
            params[:custom_fields][name] ||= {}
            params[:custom_fields][name][json_attr] = value
          else
            params[:custom_fields] ||= {}
            params[:custom_fields][name] = value
          end
        end
      end
    end

    params
  end

  def basic_topic_params
    params = {
      skip_validations: true,
      topic_opts: {
        custom_fields: {
          wizard_submission_id: @wizard.current_submission.id
        }
      }
    }

    params[:title] = CustomWizard::Mapper.new(
      inputs: action['title'],
      data: mapper_data,
      user: user
    ).perform

    if tags = action_tags
      params[:tags] = tags
    end

    params[:raw] = action['post_builder'] ?
      mapper.interpolate(
        action['post_template'],
        user: true,
        value: true,
        wizard: true,
        template: true
      ) :
      @submission.fields[action['post']]

    params[:import_mode] = ActiveRecord::Type::Boolean.new.cast(action['suppress_notifications'])

    add_custom_fields(params)
  end

  def public_topic_params
    params = {}

    if category = action_category
      params[:category] = category
    end

    if public_topic_fields.any?
      public_topic_fields.each do |field|
        unless action[field].nil? || action[field] == ""
          params[field.to_sym] = CustomWizard::Mapper.new(
            inputs: action[field],
            data: mapper_data,
            user: user
          ).perform
        end
      end
    end

    params
  end

  def new_group_params
    params = {}

    %w(
      name
      full_name
      title
      bio_raw
      owner_usernames
      usernames
      mentionable_level
      messageable_level
      visibility_level
      members_visibility_level
      grant_trust_level
    ).each do |attr|
      input = action[attr]

      if attr === "name" && input.blank?
        raise ArgumentError.new
      end

      if attr === "full_name" && input.blank?
        input = action["name"]
      end

      if input.present?
        value = CustomWizard::Mapper.new(
          inputs: input,
          data: mapper_data,
          user: user
        ).perform

        if value
          value = value.parameterize(separator: '_') if attr === "name"
          value = value.to_i if attr.include?("_level")

          params[attr.to_sym] = value
        end
      end
    end

    add_custom_fields(params)
  end

  def new_category_params
    params = {}

    %w(
      name
      slug
      color
      text_color
      parent_category_id
      permissions
    ).each do |attr|
      if action[attr].present?
        value = CustomWizard::Mapper.new(
          inputs: action[attr],
          data: mapper_data,
          user: user
        ).perform

        if value
          if attr === "parent_category_id" && value.is_a?(Array)
            value = value[0]
          end

          if attr === "permissions" && value.is_a?(Array)
            permissions = value
            value = {}

            permissions.each do |p|
              k = p[:key]
              v = p[:value].to_i

              if k.is_a?(Array)
                group = Group.find_by(id: k[0])
                k = group.name
              else
                k = k.parameterize(separator: '_')
              end

              value[k] = v
            end
          end

          if attr === 'slug'
            value = value.parameterize(separator: '-')
          end

          params[attr.to_sym] = value
        end
      end
    end

    add_custom_fields(params)
  end

  def creates_post?
    [:create_topic, :send_message].include?(action['type'].to_sym)
  end

  def public_topic_fields
    ['visible']
  end

  def profile_url_fields
    ['profile_background', 'card_background']
  end

  def cast_profile_key(key)
    if profile_url_fields.include?(key)
      "#{key}_upload_url"
    else
      key
    end
  end

  def cast_profile_value(value, key)
    return value if value.nil?

    if profile_url_fields.include?(key)
      value['url']
    elsif key === 'avatar'
      value['id']
    else
      value
    end
  end

  def profile_excluded_fields
    ['username', 'email', 'trust_level'].freeze
  end

  def allowed_profile_field?(field)
    allowed_profile_fields.include?(field) || user_field?(field)
  end

  def user_field?(field)
    field.to_s.include?(::User::USER_FIELD_PREFIX) &&
    ::UserField.exists?(field.split('_').last.to_i)
  end

  def allowed_profile_fields
    CustomWizard::Mapper.user_fields.select { |f| profile_excluded_fields.exclude?(f) } +
    profile_url_fields +
    ['avatar']
  end

  def update_avatar(upload_id)
    user.create_user_avatar unless user.user_avatar
    user.user_avatar.custom_upload_id = upload_id
    user.uploaded_avatar_id = upload_id
    user.save!
    user.user_avatar.save!
  end

  def encode_query_param(param)
    Addressable::URI.encode_component(param, Addressable::URI::CharacterClasses::UNRESERVED)
  end

  def log_success(message, detail = nil)
    @log.push("success: #{message} - #{detail}")
    @result.success = true
  end

  def log_error(message, detail = nil)
    @log.push("error: #{message} - #{detail}")
    @result.success = false
  end

  def log_info(message, detail = nil)
    @log.push("info: #{message} - #{detail}")
  end

  def save_log
    username = user ? user.username : @wizard.actor_id

    CustomWizard::Log.create(
      @wizard.id,
      action['type'],
      username,
      @log.join('; ')
    )
  end
  def user_can_tag
    allowed_groups =
      SiteSetting.pm_tags_allowed_for_groups.split('|').map(&:to_i)
    user.groups.pluck(:id).any? { |group| allowed_groups.include?(group) }
  end
end