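import java.io.IOException;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.Map;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

import org.apache.felix.scr.annotations.Activate;
import org.apache.felix.scr.annotations.Component;
import org.apache.felix.scr.annotations.Property;
import org.apache.felix.scr.annotations.sling.SlingFilter;
import org.apache.felix.scr.annotations.sling.SlingFilterScope;
import org.apache.sling.api.SlingHttpServletRequest;
import org.apache.sling.api.SlingHttpServletResponse;
import org.apache.sling.commons.osgi.OsgiUtil;

import com.day.cq.security.Group;
import com.day.cq.security.User;

/**
 * Request filter that answers HTTP 503 to every Sling request except
 * <ul>
 *   <li>requests whose path info starts with {@code /system/console/}, and</li>
 *   <li>requests made by a user who belongs to one of the configured groups.</li>
 * </ul>
 *
 * <p>The component is declared with {@code enabled = false}, so it does nothing until it is
 * explicitly enabled, and it keeps blocking until it is disabled again.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>Requests under {@code /system/console/} are passed on without any membership check
 *       here. Access control for them is left to whatever serves that path (presumably the
 *       web console's own authentication; confirm for the target instance).</li>
 *   <li>The exemption is a plain string-prefix test on {@code getPathInfo()}. It assumes the
 *       container has already normalized the path; confirm this for the deployment.</li>
 *   <li>Requests that are not Sling requests fall through to the chain unchecked.</li>
 *   <li>NOTE(review): confirm that {@code order = Integer.MAX_VALUE} places this filter ahead
 *       of everything it is meant to block on the Sling version in use.</li>
 * </ul>
 */
@SlingFilter(scope = SlingFilterScope.REQUEST, order = Integer.MAX_VALUE, generateComponent = false)
@Component(metatype = true, immediate = false, enabled = false)
public class BlockAllButFelixFilter implements Filter {

    /** Groups allowed through when the {@code groups} property is not configured. */
    private static final String[] DEFAULT_SUPER_GROUPS = {"administrators", "developers"};

    /** Name of the multi-value OSGi property listing the group IDs that bypass the block. */
    @Property(value = {}, cardinality = 1000)
    private static final String PROP_SUPER_GROUPS = "groups";

    /** Requests whose path info starts with this prefix are never blocked by this filter. */
    private static final String CONSOLE_PATH_PREFIX = "/system/console/";

    /** Group IDs that bypass the block; assigned in {@link #activate(Map)}. */
    private List<String> groups = null;

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        // Nothing to initialise; configuration arrives through activate().
    }

    /**
     * Reads the allowed group IDs from the component configuration, falling back to
     * {@link #DEFAULT_SUPER_GROUPS} when the property is absent.
     *
     * @param config component configuration properties
     */
    @SuppressWarnings("unused")
    @Activate
    private void activate(Map<String, Object> config) {
        groups = Arrays.asList(
                OsgiUtil.toStringArray(config.get(PROP_SUPER_GROUPS), DEFAULT_SUPER_GROUPS));
    }

    /**
     * Tells whether the user belongs to at least one of the given groups.
     *
     * <p>Fails closed: a {@code null} user or a {@code null} group list counts as
     * "not a member", so the caller blocks the request instead of failing with a
     * {@link NullPointerException}.
     *
     * @param user   the requesting user, may be {@code null}
     * @param groups allowed group IDs, may be {@code null}
     * @return {@code true} if one of the user's group IDs is contained in {@code groups}
     */
    private static boolean isUserMemberOf(User user, List<String> groups) {
        if (user == null || groups == null) {
            return false;
        }
        final Iterator<Group> memberships = user.memberOf();
        while (memberships.hasNext()) {
            if (groups.contains(memberships.next().getID())) {
                return true;
            }
        }
        return false;
    }

    /**
     * Blocks the request with a 503 unless it targets the console path or comes from a member
     * of an allowed group; otherwise hands it to the rest of the chain.
     *
     * @throws IOException      if sending the error or the downstream chain fails
     * @throws ServletException if the downstream chain fails
     */
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        // An earlier variant let only the "admin" principal through on plain HttpServletRequests;
        // group membership resolved through the Sling resource resolver is used instead.
        if (request instanceof SlingHttpServletRequest && response instanceof SlingHttpServletResponse) {
            final SlingHttpServletRequest slingRequest = (SlingHttpServletRequest) request;
            final SlingHttpServletResponse slingResponse = (SlingHttpServletResponse) response;

            // getPathInfo() may be null; a null path is never treated as a console request.
            final String pathInfo = slingRequest.getPathInfo();
            final boolean consoleRequest = pathInfo != null && pathInfo.startsWith(CONSOLE_PATH_PREFIX);

            if (!consoleRequest) {
                // adaptTo() returns null when no User can be produced for this resolver;
                // isUserMemberOf() treats that as "not a member", so the request is blocked.
                final User user = slingRequest.getResourceResolver().adaptTo(User.class);
                if (!isUserMemberOf(user, groups)) {
                    slingResponse.sendError(503, "deployment on going. visit later...");
                    return;
                }
            }
        }
        chain.doFilter(request, response);
    }

    @Override
    public void destroy() {
        // No resources to release.
    }
}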