"""Routes for edit/credentials."""
import os, json, security, utils
from bottle import Bottle, route, view, redirect, post, request, abort

credentials = Bottle()

@credentials.route("/users/<name>/credentials")
@view("credentials")
@security.require_admin
def edit_credentials(name):
    """Presents user with form to a user's password and perms."""
    users = utils.safejsonload(os.path.join("db", "users.json"))
    path = os.path.join("db", "surveys") # Make sure surveys/ or create it otherwise
    os.makedirs(path, exist_ok=True)
    surveys = next(os.walk(path))[1]

    return dict(
        name = name,
        surveys = surveys,
        allowed = users[name]["surveys"],
    )

@credentials.post("/users/<name>/credentials")
@view("credentials")
@security.require_admin
def edit_credentials(name):
    """Validate new password (if any) and apply new perms."""
    users_path = os.path.join("db", "users.json")
    users = utils.safejsonload(users_path)

    # New password
    password = request.forms.get("password")
    if password:
        if password.isprintable():
            print(password)
            salt, pw_hash = security.hash_password(password)
            users[name]["hash"] = pw_hash.hex()
            users[name]["salt"] = salt.hex()
        else:
            abort(400)

    # New permissions
    users[name]["surveys"] = request.forms.getall("surveys")
    users[name]["filters"] = utils.safejsonloads(request.forms.get("filters"))

    utils.safejsondump(users, users_path)

    redirect("/users")