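# frozen_string_literal: true

module Api
  module V1
    # Receives webhooks from a git forge and enqueues a GitPullJob for the
    # site named in the URL.
    #
    # A request is accepted only when it can be tied to a non-temporary
    # 'usuarie' role of that site, either through the role token itself
    # (GitLab) or through an HMAC-SHA256 signature of the raw body keyed
    # with a role token (GitHub, Gitea).  Every failure to resolve the site
    # or the role surfaces as ActiveRecord::RecordNotFound.
    class WebhooksController < BaseController
      # NOTE(review): a rejected request gets the same 200 as an accepted
      # one, and nothing in this controller records the rejection.  Confirm
      # that is intended; a distinct status or a log entry would make failed
      # verifications visible to operators.
      rescue_from ActiveRecord::RecordNotFound, with: :platforms_answer

      # Pulls the upstream changes after a webhook POST
      # (GitLab, GitHub, Gitea, etc).
      #
      # The commit message is translated with the site's default locale.
      # `usuarie` is resolved before the job is enqueued, so an
      # unauthenticated request raises before any work is scheduled.
      def pull
        message = I18n.with_locale(site.default_locale) do
          I18n.t('webhooks.pull.message')
        end

        GitPullJob.perform_later(site, usuarie, message)
        platforms_answer
      end

      private

      # Site addressed by the :site_id route parameter.
      #
      # @raise [ActiveRecord::RecordNotFound] when no site has that name
      def site
        @site ||= Site.find_by_name!(params[:site_id])
      end

      # Role token presented, or proven, by the webhook request.
      #
      # GitLab sends the token itself; GitHub and Gitea send a signature
      # from which the matching token is recovered.  A request with none of
      # the headers, or with a blank one, is rejected here so that a nil or
      # empty token can never reach the role lookup in #usuarie.
      #
      # @return [String]
      # @raise [ActiveRecord::RecordNotFound] when no usable credential is sent
      def token
        @token ||=
          if (gitlab_token = request.headers['X-Gitlab-Token']).present?
            # NOTE(review): this value is matched by the database query in
            # #usuarie, not by a constant-time comparison.
            gitlab_token
          elsif (github_signature = request.headers['X-Hub-Signature-256']).present?
            token_from_signature(github_signature)
          elsif (gitea_signature = request.headers['X-Gitea-Signature']).present?
            token_from_signature(gitea_signature)
          else
            raise ActiveRecord::RecordNotFound, 'webhook credential missing'
          end
      end

      # Finds the role token whose HMAC-SHA256 over the raw request body
      # equals the signature sent by the platform.
      #
      # @param signature [String] header value; GitHub prefixes the hex
      #   digest with "sha256=", Gitea sends the bare hex digest
      # @return [String] the matching role token
      # @raise [ActiveRecord::RecordNotFound] when no token reproduces it
      def token_from_signature(signature)
        # "sha256=" cannot occur in a bare hex digest, so stripping it is
        # safe for both platforms.
        expected = signature.to_s.sub(/\Asha256=/, '')
        # raw_post returns the unparsed body even if it was already read.
        payload = request.raw_post

        # Roles without a token are skipped: a nil key cannot sign anything.
        candidates = site.roles.where(temporal: false, rol: 'usuarie').pluck(:token).compact

        matching = candidates.find do |candidate|
          # NOTE(review): hex HMAC-SHA256 is the format GitHub and Gitea
          # document for these headers; confirm BaseController was not
          # meant to supply a different digest helper.
          computed = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), candidate, payload)
          # Constant-time comparison; no instance state is touched here.
          Rack::Utils.secure_compare(computed, expected)
        end

        matching || raise(ActiveRecord::RecordNotFound, 'webhook signature mismatch')
      end

      # User behind the non-temporary 'usuarie' role that owns the token.
      #
      # @raise [ActiveRecord::RecordNotFound] when the token matches no role
      def usuarie
        @usuarie ||= site.roles.find_by!(temporal: false, rol: 'usuarie', token: token).usuarie
      end

      # Uniform, body-less answer sent to the platform.
      def platforms_answer
        head :ok
      end
    end
  end
end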