# -*- coding: utf-8 -*-
require 'ipaddr'
class Ability
  include CanCan::Ability
  def initialize(user,request=nil,key=nil)
    tunet=IPAddr.new("128.131.95.0/24")
    local=IPAddr.new("127.0.0.1")
    loggedin=!(user.nil?)
    unless key.nil?
      k=Key.find_by_uuid(key)
      if !k.nil? && k.is_valid && k.typ == 0
        user=k.user
      end
    end
    user ||=  User.new # guest user (not logged in)
    if  (user.has_role?("fetuser") || user.has_role?("fetadmin") || tunet.include?(IPAddr.new(request.remote_ip)) || local.include?(IPAddr.new(request.remote_ip)))
    can :infoscreen, User
    end
    if  (user.has_role?("fetuser") || user.has_role?("fetadmin") || tunet.include?(IPAddr.new(request.remote_ip)) || local.include?(IPAddr.new(request.remote_ip)))
    can :verleihkalender, User
    end

    if( user.has_role?("fetuser") || user.has_role?("fetadmin"))
      can [:show,:answer, :create,:new, :create_from_template, :flag], Survey::Question
      can [:edit, :update, :flag_delete], Survey::Question, :flag_locked=>false
      can :flag_locked, Survey::Question, :user_id=>user.id
      can [:show,:new], Survey::Choice
      can [:edit,:update, :delete,:create], Survey::Choice, :question=>{:flag_locked=>false}
      can :manage, Survey::Answer
    end
    if user.has_role?("fetadmin")
      can [:delete,:flag_template], Survey::Question
    end
    #---------------------------------------------------

    can [:index,:hide], Comment
    can :show, Comment

    if loggedin
      can [:create,:new], Comment
      can [:comment], Comment
    end

  #  can :manage, Comment
    unless user.has_role?("fetadmin")
      cannot :delete, Comment
cannot :destroy, Comment
    end
    #-----------------------------------------------------
    # Rechteverwaltung fuer Studien Modul
    can [:show, :index], Studium, :visible=>true
    can [:show], Modulgruppe
    can [:show, :index], Modul
    can [:show, :index, :beispiel_sammlung], Lva
    can [:create, :show], Beispiel, flag_delete: false
    if loggedin
      can :like, Beispiel
      can :dislike, Beispiel
    end
    if ((user.has_role?("moderator",Beispiel)) || user.has_role?("fetuser") || user.has_role?("fetadmin"))
      can :flag, Beispiel
    can [:create, :show], Beispiel, flag_delete: true

      can [:edit, :update], Beispiel
      can :flag, Beispiel
      can :set_lecturer, Beispiel
      can :flag_delete, Beispiel
      can :flag_goodquality, Beispiel
      can :flag_badquality, Beispiel

    end
    if (user.has_role?("moderator",Lva))
      can [:verwalten, :edit, :compare_tiss, :load_tiss, :update], Lva
    end
    if( user.has_role?("fetuser") || user.has_role?("fetadmin"))
      can :manage, Modulgruppe
      can :manage, Modul
      can :manage, Lva
      can :manage, Studium
      #can :manage, Beispiel
      can :comment, Beispiel

      can :manage, Lecturer

    end
    unless user.has_role?("fetadmin")
      cannot :delete, Studium
      cannot :delete, Modulgruppe
      cannot :delete, Modul

    end
    if user.has_role?("fetadmin")
    can [:index, :parse, :show], Crawlobject
end
    #-----------------------------------------------------
    # Rechteverwaltung fuer Informationen
    can [:show, :index,:faqs], Themengruppe, :public=>true
    can [:show], Thema, :isdraft=>false,  :themengruppe=>{:public=>true}
    can :show, Frage
    if loggedin
    end
    if( user.has_role?("fetuser") || user.has_role?("fetadmin"))
      can :manage, Frage
      can :showdraft , Thema
      can :showintern, Thema
      can :manage, Thema
      can [:index, :faqs, :show,:new,:edit, :verwalten_all, :verwalten, :sort_themengruppen, :sort_themen, :create, :update ], Themengruppe
      can :manage, Attachment
    end
    can [:update,:edit,:verwalten, :showdraft], Thema, :id=>Thema.with_role(:editor, user).pluck(:id)
    can [:index, :faqs, :show,:new,:edit, :verwalten_all, :verwalten, :sort_themengruppen, :sort_themen, :create, :update, :delete], Thema, :themengruppe_id=>Themengruppe.with_role(:admin,user).pluck(:id)
    can :delete, Themengruppe, :id=>Themengruppe.with_role(:admin,user).pluck(:id)
    if user.has_role?("fetadmin")
      can :delete, Themengruppe
      can :delete, Thema
    end

    unless user.has_role?("fetadmin")
      cannot :delete, Themengruppe
      cannot :delete, Thema
    end

    #-----------------------------------------------------
    # Rechteverwaltung fuer Fotos

#    can [:show,:index], Gallery, :intern=>false
      can [:show,:index], Gallery
      can :show, Foto

    if loggedin
    end
    if( user.has_role?("fetuser") || user.has_role?("fetadmin"))
      can :manage, Gallery
      can :manage, Foto
    end
    unless user.has_role?("fetadmin")
      cannot :delete, Gallery
    end

    #-----------------------------------------------------
    # Rechteverwaltung fuer Mitarbeiter
    can [:show, :index], Fetprofile
    can [:show, :index],Gremium
    if loggedin
    end
    if( user.has_role?("fetuser") || user.has_role?("fetadmin"))
      can :manage, Fetprofile
      can :manage, Gremium
      can :manage, Membership
    end
    unless user.has_role?("fetadmin")
      cannot :delete, Fetprofile
      cannot :delete ,Gremium
    end

    #-----------------------------------------------------
    # Rechteverwaltung fuer Neuigkeiten
    can :index, Rubrik
    can [:show], Rubrik, :public=>true
    can [:list], Neuigkeit, :cache_is_published=>true,  :rubrik=>{:public=>true}
    can :show, Neuigkeit, :cache_is_published=>true, :rubrik=>{:public=>true}

    if loggedin
      can :show, :id => user.id
    end
    if( user.has_role?("fetuser") || user.has_role?("fetadmin"))

      can :showversions, Neuigkeit
      can :showintern, Neuigkeit
      can :showintern, Rubrik
      can :seeintern, User
      can :set_preferred_theme, user
      can :list, Neuigkeit
      can :shownonpublic, Rubrik
      can :manage, Nlink
    end
    if user.has_role?("newsadmin") || user.has_role?("fetadmin")
      can :addmoderator, Rubrik
    end
    if user.has_role?("fetadmin")
      can :addfetuser, User
      can :addfetadmin, User
      can :add_role, User
      can :show, User
      can :index, User
      can :edit, User
      can :manage, User
      can :set_preferred_theme, User
    end

    if user.has_role?("newsadmin") || user.has_role?( "fetadmin") || user.has_role?( "fetuser")
      can :manage, Rubrik
      can :manage, Neuigkeit
      can :showunpublished, Neuigkeit
    end
    unless user.has_role?("fetadmin")
      cannot :delete, Rubrik
      cannot :delete, Neuigkeit
    end
    # Calendar

    if( user.has_role?("fetuser") || user.has_role?("fetadmin"))
      can [:show, :edit, :update,:new,:create,:write, :write_etherpad, :read_from_etherpad, :dump_to_etherpad, :search], Document
      can :manage, Meeting
      can :manage, Meetingtyp
    end
    if user.has_role?("fetadmin")
      can :manage, Document
    end
    if loggedin
    end
    can :show, Document, :typ=>11
    unless user.has_role?( "fetadmin")
      cannot :delete, Document
      cannot :delete, Meeting
    end
    if user.has_role?( "fetadmin")
      can :manage, Meetingtyp

    end

    # Rechteverwaltung Kalender
    can [:show, :index], Calendar, :public => true
    can [:showics], Calendar
    # can [:show], Calentry
    if  (!k.nil? && k.typ==1 && (k.user.has_role?("fetuser")||k.user.has_role?("fetadmin")))
      if k.parent.nil?
        can [:show,:index], Calendar
      else
        can [:show], Calendar, id: k.parent_id
      end
    end

    if( user.has_role?("fetuser") || user.has_role?("fetadmin"))
      can [:show,:index], Calendar
      can  [:edit, :update,:new,:create,:verwalten], Calendar
      can  [:edit, :update,:new,:create,:verwalten,:delete], Calentry
    end
    if( user.has_role?("fetadmin"))
      can [:delete],Calendar
      can [:delete],Calentry
      can :doadmin, User
    end

    if user.has_role?("fetadmin")
      can :emails,User
    end

  end
end