class Api::V1::IssuesController < Api::V1::BaseController
  respond_to :json

  before_filter :authenticate_user!
  skip_before_filter :authenticate_user!, :only => [:index, :group_index, :show] if APP_CONFIG['anonymous_access']

  load_and_authorize_resource :group, :only => :group_index, :find_by => :id, :parent => false
  load_and_authorize_resource :project
  load_and_authorize_resource :issue, :through => :project, :find_by => :serial_id, :only => [:show, :update, :create, :index]

  def index
    @issues = @project.issues
    render_issues_list
  end

  def all_index
    project_ids = get_all_project_ids Project.accessible_by(current_ability, :membered).pluck(:id)
    @issues = Issue.where(:project_id => project_ids)
    render_issues_list
  end

  def user_index
    project_ids = get_all_project_ids current_user.projects.pluck(:id)
    @issues = Issue.where(:project_id => project_ids)
    render_issues_list
  end

  def group_index
    project_ids = @group.projects.pluck(:id)
    project_ids = Project.accessible_by(current_ability, :membered).where(:id => project_ids).pluck(:id)
    @issues = Issue.where(:project_id => project_ids)
    render_issues_list
  end

  def show
    redirect_to api_v1_project_pull_request_path(@project.id, @issue.serial_id) if @issue.pull_request
  end

  def create
    @issue.user = current_user
    @issue.assignee = nil if cannot?(:write, @project)
    create_subject @issue
  end

  def update
    unless can?(:write, @project)
      params.delete :update_labels
      [:assignee_id, :labelings, :labelings_attributes].each do |k|
        params[:issue].delete k
      end if params[:issue]
    end
    @issue.labelings.destroy_all if params[:update_labels]
    if params[:issue] && status = params[:issue].delete(:status)
      @issue.set_close(current_user) if status == 'closed'
      @issue.set_open if status == 'open'
    end
    update_subject @issue
  end

  private

  def render_issues_list
    @issues = @issues.includes(:user, :assignee, :labels).without_pull_requests
    if params[:status] == 'closed'
      @issues = @issues.closed
    else
      @issues = @issues.opened
    end

    if action_name == 'index' && params[:assignee].present?
      case params[:assignee]
      when 'none'
        @issues = @issues.where(:assigned_id => nil)
      when '*'
        @issues = @issues.where('issues.assigned_id IS NOT NULL')
      else
        @issues = @issues.where('issues.assignees_issues.uname = ?', params[:assignee])
      end
    end

    if %w[all_index user_index group_index].include?(action_name)
      case params[:filter]
      when 'created'
        @issues = @issues.where(:user_id => current_user)
      when 'all'
      else
        @issues = @issues.where(:assignee_id => current_user)
      end
    else
      @issues.where('users.uname = ?', params[:creator]) if params[:creator].present?
    end

    if params[:labels].present?
      labels = params[:labels].split(',').map {|e| e.strip}.select {|e| e.present?}
      @issues = @issues.where('labels.name IN (?)', labels)
    end

    sort = params[:sort] == 'updated' ? 'issues.updated_at' : 'issues.created_at'
    direction = params[:direction] == 'asc' ? 'ASC' : 'DESC'
    @issues = @issues.order("#{sort} #{direction}")

    @issues = @issues.where('issues.created_at >= to_timestamp(?)', params[:since]) if params[:since] =~ /\A\d+\z/
    @issues = @issues.paginate(paginate_params)
    render :index
  end

  def get_all_project_ids default_project_ids
    project_ids = []
    if ['created', 'all'].include? params[:filter]
      # add own issues
      project_ids = Project.accessible_by(current_ability, :show).joins(:issues).
                            where(:issues => {:user_id => current_user.id}).pluck('projects.id')
    end
    project_ids |= default_project_ids
  end
end