<?php

namespace TwoFAS\TwoFAS\Notifications;

use TwoFAS\TwoFAS\Helpers\URL;
use TwoFAS\TwoFAS\Http\Route;

class Notification_Repository {

	/**
	 * @var URL
	 */
	private $url;

	/**
	 * @var array
	 */
	private $notifications;

	/**
	 * @param URL $url
	 */
	public function __construct( URL $url ) {
		$this->url = $url;

		$reset_password = $this->generate_link_to_action( Route::ACTION_RESET_PASSWORD, 'here' );
		$create_account = $this->generate_link_to_action( Route::ACTION_CREATE_ACCOUNT, 'here' );

		$this->notifications = array(
			// Plugin overall notifications
			'installation-not-completed'    => 'Please click ' . $create_account . ' to go to the <strong>2FAS Admin</strong>',
			'logged-in'                     => 'You have been logged in to your 2FAS account',
			'logged-out'                    => 'You have been logged out from 2FAS',
			'plugin-enabled'                => '2FAS plugin has been enabled',
			'plugin-disabled'               => '2FAS plugin has been disabled',
			'csrf'                          => 'CSRF token is invalid',
			'ajax'                          => 'Invalid AJAX request',
			'plan-updated'                  => 'Plan has been changed',
			'credit-card-required'          => 'Credit card required to do this action',
			'plan-downgraded-automatically' => 'Plan has been automatically downgraded because there is no credit card',
			'plugin-disabled-by-admin'      => 'Plugin has been disabled by administrator. Configuration can be changed but it will be applied when administrator enables plugin.',
			'account-exists'                => 'Account already exists',
			'premium-only'                  => 'This action is available only in premium plan.',
			'inconsistent-data'             => 'Plugin data is inconsistent',
			'session-tables'                => 'Session tables does not exists',
			'roles-saved'                   => 'Users with the selected roles have been obligated to use 2FA.',
			'logging-enabled'               => 'Error logging has been enabled.',
			'logging-disabled'              => 'Error logging has been disabled.',
			'second-factor-status-disabled' => 'Cannot perform this action because second factor is disabled.',

			'account-required' => 'Before starting to use 2FAS plugin, ' .
				'you have to create 2FAS account or log in to the existing one',

			'email-sent'                       => 'If you entered a valid e-mail, ' .
				'you will receive the instructions to reset your password. Please check your inbox.',

			// Validation
			'email-required'                   => 'Please enter your e-mail',
			'email-invalid'                    => 'E-mail is invalid',
			'email-unique'                     => 'E-mail already exists, click <strong>' . $reset_password . '</strong> to reset your password',
			'password-required'                => 'Please enter your password',
			'password-confirmed'               => 'Password confirmation does not match password',
			'password-min'                     => 'Password should have at least 6 characters',
			'invalid-credentials'              => 'Invalid credentials entered',
			'token-validation'                 => 'Wrong token format, please check entered token',
			'token-empty'                      => 'Token cannot be empty',
			'totp-secret-empty'                => 'TOTP secret is empty',
			'totp-secret-validation'           => 'Invalid TOTP secret format',
			'token-invalid'                    => 'Wrong token entered, please enter the token again.',
			'code-invalid'                     => 'Wrong code entered, please try again',
			'code-required'                    => 'Code cannot be empty',
			'code-validation'                  => 'Code is not in a valid format or there is no valid authentication',
			'code-invalid-cannot-retry'        => 'Wrong code has been entered. ' .
				'Please take note that token has limited lifetime. You can enter your phone number again.',

			// Trusted devices
			'trusted-device-added'             => 'Your browser has been added to the trusted devices list',
			'trusted-device-already-added'     => 'Your browser is already in the trusted devices list',
			'trusted-device-removed'           => 'Trusted device has been removed',

			// User enables and disables authentication method
			'totp-enabled'                     => 'Two-factor authentication has been enabled',
			'totp-disabled'                    => 'Two-factor authentication has been disabled',
			'cannot-enable-totp'               => 'Two-factor authentication cannot be enabled because it is not configured.',
			'sms-enabled'                      => 'Backup codes - SMS/VMS have been enabled',
			'sms-disabled'                     => 'Backup codes - SMS/VMS have been disabled',
			'legacy-mode-sms-disabled'         => 'Two-factor authentication via SMS/VMS has been disabled. In order to use two-factor authentication 2FAS Tokens method must be enabled.',
			'offline-codes-enabled'            => 'Backup codes - offline have been enabled',
			'offline-codes-disabled'           => 'Backup codes - offline have been disabled',
			'configuration-removed'            => 'Configuration has been removed successfully',
			'configuration-remove-error'       => 'Error occurred during configuration removing.',
			'totp-configured'                  => 'Two-factor authentication has been configured and enabled',
			'sms-configured'                   => 'Backup codes - SMS/VMS have been configured and enabled',
			'2fa-role'                         => 'You cannot disable two-factor authentication because 2FA is obligatory.',
			'2fa-role-remove'                  => 'You cannot remove configuration because 2FA is obligatory.',
			'2fa-role-obligated'               => 'Please enable two-factor authentication because it is obligatory.',
			'please-enable-totp'               => 'Please enable 2FAS tokens in order to disable legacy mode.',
			'please-enable-obligatory-totp'    => 'Please enable 2FAS tokens because they are obligatory.',
			'please-configure-2fa'             => 'Please configure two-factor authentication because it is obligatory.',
			'please-configure-totp'            => 'Please configure 2FAS tokens in order to disable legacy mode.',
			'please-configure-obligatory-totp' => 'Please configure 2FAS tokens because they are obligatory.',

			// General errors
			'default'                          => 'Something went wrong. Please try again.',
			'db-error'                         => 'Something went wrong with database.',
			'client-error'                     => 'Could not get client data',
			'integration-error'                => 'Could not get integration data',
			'user-not-found'                   => 'User has not been found.',
			'oauth-token-not-found'            => 'OAuth token not found.',
			'entity-not-found'                 => 'Could not get data.',
			'template-not-found'               => '2FAS plugin could not find a template.',
			'template-compilation'             => 'Error occurred in 2FAS plugin during template compilation.',
			'template-rendering'               => 'Error occurred in 2FAS plugin during template rendering.',
			'authentication-expired'           => 'Your authentication session has expired. Please log in again.',
			'authentication-limit'             => 'Attempt limit exceeded. Your account has been blocked for 5 minutes.',
		);
	}

	/**
	 * @param string $key
	 *
	 * @return string
	 */
	public function get_by_key( $key ) {
		if ( ! isset( $this->notifications[ $key ] ) ) {
			return $this->notifications['default'];
		}

		return $this->notifications[ $key ];
	}

	/**
	 * @param string $action
	 * @param string $text
	 *
	 * @return string
	 */
	private function generate_link_to_action( $action, $text ) {
		$url = $this->url->create( ROUTE::SUBMENU_DASHBOARD, $action );

		return '<a href=' . $url . '>' . $text . '</a>';
	}
}