{% extends "./template.html" %}
{% block content %}
{% load static %}
    <script type="text/javascript" src="{% static 'NearBeach/javascript/csrf_finder.js' %}"></script>

    <div class="card mt-4">
        <div class="card-header">
            <h1>User Information</h1>
        </div>
        <div class="card-body">
            <strong>User Information Notes</strong>
            <ul style="list-style-type: circle">
                <li>If creating a new user, and you leave the password fields blank, a randomly generated password will be given to the user.</li>
                <li>Only users with access to the DJANGO Superuser will be able to assign other users to DJANGO Superuser. Please note, this grants access to the /admin/ section of the site if it is enabled. This role is ONLY recommended for those users who are system administrators.</li>
                <li>To change a user's password, just fill out the two password fields with the new password and click on the "SAVE" button</li>
            </ul>

            <form action="{% url 'user_information' user_id %}" method="post" class="user_information">
                {% csrf_token %}
                <div id="save_state" class="alert-success">{% if not errors %}{{ save_state }}{% endif %}</div>
                {% if errors %}
                    <div class="alert-danger">{{ errors }}</div>
                {% endif %}
                <div class="form-group">
                    <label for="id_username">Username</label>
                    {{ user_information_form.username }}
                </div>
                <div class="form-row">
                    <div class="form-group col-md-6">
                        <label for="id_password1">Password</label>
                        {{ user_information_form.password1 }}
                    </div>
                    <div class="form-group col-md-6">
                        <label for="id_password2">Confirm Password</label>
                        {{ user_information_form.password2 }}
                    </div>
                </div>
                <div class="form-row">
                    <div class="form-group col-md-6">
                        <label for="id_first_name">First Name</label>
                        {{ user_information_form.first_name }}
                    </div>
                    <div class="form-group col-md-6">
                        <label for="id_last_name">Last Name</label>
                        {{ user_information_form.last_name }}
                    </div>
                </div>
                <div class="form-group">
                    <label for="id_email">Email</label>
                    {{ user_information_form.email }}
                </div>

                <div class="form-group">
                    <label for="id_is_active">Is this user active?</label>
                    {{ user_information_form.is_active }}
                </div>
                {% if is_superuser == True %}
                    <div class="form-group">
                        <label for="id_is_superuser">Is User a SuperUser? Giving this user this permission grants them to access /admin/</label>
                        {{ user_information_form.is_superuser }}
                    </div>
                {% endif %}
                <div class="form-row">
                    <input id="submit_user" type="submit" value="Save User" class="btn btn-primary form-control col-md-6">
                    <a href="{% url 'search_users' %}" class="btn btn-warning form-control col-md-6">Back to Users</a>
                </div>
            </form>
        </div>
    </div>

    <div class="card mt-4">
        <div class="card-header">
            <h2>User Group</h2>
        </div>
        <div class="card-body">
            {% if user_group_results %}
                If you require to add users to groups, <a href="{% url 'search_group' %}">please go to the group information page and assign the user there.</a>
                <table class="table table-striped table-hover">
                    <thead>
                        <tr>
                            <td>Group</td>
                            <td>Permission Set</td>
                            {% if administration_permission == 4 %}
                                <td>Delete</td>
                            {% endif %}
                        </tr>
                    </thead>
                    {% for user_group in user_group_results %}
                        <tr>
                            <td><a href="{% url 'group_information' user_group.group.group_id %}">{{ user_group.group }}</a></td>
                            <td><a href="javascript:void(0)">{{ user_group.permission_set }}</a></td>
                            {% if administration_permission == 4 %}
                                <td><a href="javascript:void(0)" onclick="remove_user_permission({{ user_group.username.id }},{{ user_group.permission_set.permission_set_id }},{{ user_group.group.group_id }})">Delete</a></td>
                            {% endif %}
                        </tr>
                    {% endfor %}
                </table>
            {% else %}
                Users are not in any groups. <a href="{% url 'search_group' %}">Please go to the groups information page to assign a user to a group.</a>
            {% endif %}
        </div>
    </div>


<script>
    $(document).ready(function() {
        //We don't want any explorers to auto fill out the passwords.
        $("#id_password1").val("");
        $("#id_password2").val("");
    });

    $("#save_state").on('submit', function() {
        //Do not prevent default - as we want to send the data in post
        $("#save_state").html("Saving current user");
    });

    function enable_submit() {
        if ($("#id_password1").val() == $("#id_password2").val()) {
            $("#submit_user").prop("disabled", false);
        } else {
           $("#submit_user").prop("disabled", true);
        }
    }

    function remove_user_permission(user_id, permission_set_id, group_id) {
            $.ajaxSetup({
                beforeSend: function (xhr, settings) {
                    if (!csrfSafeMethod(settings.type) && !this.crossDomain) {
                        xhr.setRequestHeader("X-CSRFToken", csrftoken);
                    }
                }
            });

            $.ajax({
                url: '/delete_user_permission/' + user_id + '/' + permission_set_id + '/' + group_id + '/',
                data: {},
                dataType: "HTML",
                type: "POST",
                success: function(data) {
                    window.location.reload();
                },
                error: function() {
                    //Utilising the page_alerts, it will add the error message.
                    //Add in text first
                    $("#page_alert_text").append("<hr>Error loading <strong>Remove User Permission</strong>. Can not delete user permission - please read logs.");

                    //Show the alert
                    $("#page_alert").show();
                }
            });
        }
</script>

{% endblock %}