Websites/app/controllers/yiff_rest/application_controller.rb

# frozen_string_literal: true

module YiffRest
  class ApplicationController < ::ApplicationController
    include YiffyAPIUtil
    include ::ApplicationController::CommonAssetRoutes

    before_action :check_ip_block
    before_action :validate_api_key

    def site_domain
      YiffRestRoutes::DOMAIN
    end

    def plausible_domain
      "yiff.rest"
    end

    def site_title
      "YiffyAPI"
    end

    def assets_path
      YiffMediaRoutes::DOMAIN
    end

    def site_color
      "#222222"
    end

    def validate_api_key_required
      return render_error(YiffyAPIErrorCodes::API_KEY_REQUIRED, error: "An API key is required to access this service.") if request.headers["Authorization"].blank?
      validate_api_key
    end

    def validate_api_key
      return nil if request.headers["Authorization"].blank?
      @apikey = APIKey.from_request(request, with_anon: false)
      return render_error(YiffyAPIErrorCodes::INVALID_API_KEY, error: "Invalid api key.") unless @apikey
      return render_error(YiffyAPIErrorCodes::INACTIVE_API_KEY, error: "Api key is inactive.") unless @apikey.active?
      if @apikey.disabled?
        extra = {
          reason:  @apikey.disabled_reason,
          support: "https://yiff.rest/support",
          code:    YiffyAPIErrorCodes::DISABLED_API_KEY.code,
        }
        render_error(YiffyAPIErrorCodes::DISABLED_API_KEY, error: "Your api key has been disabled by an administrator. See \"extra.reason\" for the reasoning.", extra: extra)
      end
      CurrentUser.user = @apikey.owner
    end

    def validate_images_access
      @apikey = APIKey.from_request(request)
      render_error(YiffyAPIErrorCodes::SERVICE_NO_ACCESS, error: "You do not have access to this service.") unless @apikey.images_access?
    end

    def validate_thumbs_access
      @apikey = APIKey.from_request(request)
      render_error(YiffyAPIErrorCodes::SERVICE_NO_ACCESS, error: "You do not have access to this service.") unless @apikey.thumbs_access?
    end

    def validate_shortener_access
      @apikey = APIKey.from_request(request)
      render_error(YiffyAPIErrorCodes::SERVICE_NO_ACCESS, error: "You do not have access to this service.") unless @apikey.shortener_access?
    end

    def validate_images_bulk_access
      @apikey = APIKey.from_request(request)
      render_error(YiffyAPIErrorCodes::SERVICE_NO_ACCESS, error: "You do not have access to this service.") unless @apikey.images_bulk_access?
    end

    def handle_ratelimit
      info, body, rlheaders = RateLimiter.process(request)
      headers.merge!(rlheaders)
      return if info.nil?
      # noinspection RubyCaseWithoutElseBlockInspection
      case info
      when :INVALID_KEY
        render_error(YiffyAPIErrorCodes::INVALID_API_KEY, error: "Invalid api key.")
      when :RATELIMIT_SHORT
        render_error(YiffyAPIErrorCodes::RATELIMIT_ROUTE, error: "Request Limit Exceeded", info: body)
      when :RATELIMIT_LONG
        render_error(YiffyAPIErrorCodes::RATELIMIT_GLOBAL, error: "Request Limit Exceeded", info: body)
      end
    end

    def check_ip_block
      Websites.config.blocked_ip_addresses.each do |block|
        next unless block[:ip] == request.remote_ip
        render_error(YiffyAPIErrorCodes::IP_BLOCKED, error: "You have been blocked from accessing this service.", extra: {
          reason: block[:reason],
          help:   "https://yiff.rest/support",
        })
        break
      end
    end

    def user_access_check(method)
      access_denied(message: "You do not have access to that.") unless CurrentUser.send(method)
    end

    APIUser::Levels.constants.each do |constant|
      define_method("#{constant.downcase}_only") do
        user_access_check("is_#{constant.downcase}?")
      end
    end
  end
end