<%--
  -	$Revision$
  -	$Date$
  -
  - Copyright (C) 2005-2008 Jive Software. All rights reserved.
  -
  - Licensed under the Apache License, Version 2.0 (the "License");
  - you may not use this file except in compliance with the License.
  - You may obtain a copy of the License at
  -
  -     http://www.apache.org/licenses/LICENSE-2.0
  -
  - Unless required by applicable law or agreed to in writing, software
  - distributed under the License is distributed on an "AS IS" BASIS,
  - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  - See the License for the specific language governing permissions and
  - limitations under the License.
--%>

<%@ page import="org.jivesoftware.util.ParamUtils,
                 org.jivesoftware.util.StringUtils,
                 org.jivesoftware.util.CookieUtils,
                 java.net.URLEncoder"
    errorPage="error.jsp"
%><%@ page import="org.xmpp.packet.JID"%>
<%@ page import="org.jivesoftware.openfire.roster.Roster" %>
<%@ page import="org.jivesoftware.openfire.roster.RosterItem" %>
<%@ page import="java.util.List" %>
<%@ page import="java.util.ArrayList" %>
<%@ page import="org.jivesoftware.openfire.group.Group" %>
<%@ page import="java.util.Collection" %>

<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/fmt" prefix="fmt" %>
<jsp:useBean id="webManager" class="org.jivesoftware.util.WebManager" />

<% // Get parameters
    boolean cancel = request.getParameter("cancel") != null;
    String username = ParamUtils.getParameter(request, "username");
    String jid = ParamUtils.getParameter(request, "jid");
    String nickname = ParamUtils.getParameter(request, "nickname");
    String groups = ParamUtils.getParameter(request, "groups");
    Integer sub = ParamUtils.getIntParameter(request, "sub", 0);
    boolean save = ParamUtils.getBooleanParameter(request, "save");

    // Handle a cancel
    if (cancel) {
        response.sendRedirect("user-roster.jsp?username=" + URLEncoder.encode(username, "UTF-8"));
        return;
    }

    // Load the user's roster object
    Roster roster = webManager.getRosterManager().getRoster(username);

    // Load the roster item from the user's roster.
    RosterItem item = roster.getRosterItem(new JID(jid));

    Cookie csrfCookie = CookieUtils.getCookie(request, "csrf");
    String csrfParam = ParamUtils.getParameter(request, "csrf");

    if (save) {
        if (csrfCookie == null || csrfParam == null || !csrfCookie.getValue().equals(csrfParam)) {
            save = false;
        }
    }
    csrfParam = StringUtils.randomString(15);
    CookieUtils.setCookie(request, response, "csrf", csrfParam, -1);
    pageContext.setAttribute("csrf", csrfParam);
    // Handle a roster item delete:
    if (save) {
        List<String> groupList = new ArrayList<String>();
        if (groups != null) {
            for (String group : groups.split(",")) {
                groupList.add(group.trim());
            }
        }
        item.setNickname(nickname);
        item.setGroups(groupList);
        item.setSubStatus(RosterItem.SubType.getTypeFromInt(sub));
        // Delete the roster item
        roster.updateRosterItem(item);
        // Log the event
        webManager.logEvent("deleted roster item from "+username, "roster item:\njid = "+jid);
        // Done, so redirect
        response.sendRedirect("user-roster.jsp?username=" + URLEncoder.encode(username, "UTF-8") + "&editsuccess=true");
        return;
    }
%>

<html>
    <head>
        <title><fmt:message key="user.roster.edit.title"/></title>
        <meta name="subPageID" content="user-roster"/>
        <meta name="extraParams" content="<%= "username="+URLEncoder.encode(username, "UTF-8") %>"/>
    </head>
    <body>

<p>
<fmt:message key="user.roster.edit.info">
    <fmt:param value="<%= StringUtils.escapeForXML(username) %>"/>
</fmt:message>
</p>

<fieldset>
    <legend><fmt:message key="user.roster.item.settings" /></legend>
    <div>
    <table cellpadding="3" cellspacing="0" border="0" width="100%">
    <tbody>
        <tr>
            <td class="c1">
                <fmt:message key="user.roster.jid" />:
            </td>
            <td>
                <%= StringUtils.escapeHTMLTags(jid) %>
            </td>
        </tr>
        <tr>
            <td class="c1">
                <fmt:message key="user.roster.nickname" />:
            </td>
            <td>
                <%= StringUtils.escapeHTMLTags(item.getNickname()) %>
            </td>
        </tr>
        <tr>
            <td class="c1">
                <fmt:message key="user.roster.groups" />:
            </td>
            <td>
                <%
                    List<String> groupList = item.getGroups();
                    if (!groupList.isEmpty()) {
                        int count = 0;
                        for (String group : groupList) {
                            if (count != 0) {
                                out.print(",");
                            }
                            out.print(StringUtils.escapeForXML(group));
                            count++;
                        }
                    }
                    else {
                        out.print("<i>None</i>");
                    }
                %>
            </td>
        </tr>
        <tr>
            <td class="c1">
                <a href="group-summary.jsp"><fmt:message key="user.roster.shared_groups" /></a>:
            </td>
            <td>
                <%
                    Collection<Group> sharedGroups = item.getSharedGroups();
                    if (!sharedGroups.isEmpty()) {
                        int count = 0;
                        for (Group group : sharedGroups) {
                            if (count != 0) {
                                out.print(",");
                            }
                            out.print("<a href='group-edit.jsp?group="+URLEncoder.encode(group.getName(), "UTF-8")+"'>");
                            out.print(StringUtils.escapeForXML(group.getName()));
                            out.print("</a>");
                            count++;
                        }
                    }
                    else {
                        out.print("<i>None</i>");
                    }
                %>
            </td>
        </tr>
        <tr>
            <td class="c1">
                <fmt:message key="user.roster.subscription" />:
            </td>
            <td>
                <%= StringUtils.escapeHTMLTags(item.getSubStatus().getName()) %>
            </td>
        </tr>
    </tbody>
    </table>
    </div>
</fieldset>

<br><br>

<form style="display: inline" action="user-roster-edit.jsp">
<input type="hidden" name="jid" value="<%= StringUtils.escapeForXML(jid) %>">
<input type="hidden" name="username" value="<%= StringUtils.escapeForXML(username) %>">
<input type="submit" value="<fmt:message key="user.roster.edit" />">
</form>

<% if (sharedGroups.isEmpty()) { %>
<form style="display: inline" action="user-roster-delete.jsp">
<input type="hidden" name="jid" value="<%= StringUtils.escapeForXML(jid) %>">
<input type="hidden" name="username" value="<%= StringUtils.escapeForXML(username) %>">
<input type="submit" value="<fmt:message key="global.delete" />">
</form>
<% } %>

    </body>
</html>