<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
<%@ page trimDirectiveWhitespaces="true" %>
<%@ page import="org.crosswire.utils.Sessions" %>
<%@ page import="org.crosswire.webtools.RightsAndRoles" %>
<%@ page import="org.crosswire.community.projects.ntmss.data.Document" %>
<%@ page import="org.crosswire.community.projects.ntmss.data.Page" %>
<%@ page import="org.crosswire.xml.XMLBlock" %>
<%@ page import="org.crosswire.webtools.annotation.*" %>
<%@ page import="org.crosswire.webtools.*" %>
<%@ page import="javax.validation.constraints.NotNull" %>
<%!
@Description(value = "Submit a new or modified page for a manuscript.", name = "manuscript/putpage")
public static class MyParameters extends Parameters<MyParameters> {

	@NotNull
	@Description(value = "manuscript id", example = "10046")
	public Integer docID;

	@NotNull
	@Description(value = "page id", example = "10")
	public Integer pageID;

	@Description(value = "folio number", example = "27r")
	public String folio;

	@Override
	protected void customValidation() {
		if (getUser() == null) {
			addError(-5, "Must be logged in.");
			return;
		}
	}
}
%>
<%
MyParameters params = new MyParameters().loadFromRequest(request, response, false);

if (params.getErrors().size() == 0) {

String userName = Sessions.getSessionStringValue(request, "userName");

	StringBuffer retVal = new StringBuffer();
	Document doc = Document.getDocument(params.docID);
	if (doc == null) {
		params.addError(-6, "Document docID: " + params.docID + " not found.");
	}
	else {
		String role = "Transcription Manager";
		boolean permission = params.getUser().hasRole(role) || params.getUser().hasRole("VMR Administrator") || (params.getUser().getUserName().equals(doc.getUserID()));

		if (!permission) {
			params.getUser().includeUserRoles();
			XMLBlock ur = params.getUser().getBlock("userRoles");
			if (ur != null) {
				XMLBlock rs[] = ur.getBlocks("role");
				for (XMLBlock r : rs) {
					String roleName = r.getAttribute("roleName");
					if (roleName.startsWith("Catalog Admin:")) {
						try {
							int min = Integer.parseInt(roleName.split(":")[1].split("-")[0].trim());
							int max = Integer.parseInt(roleName.split("-")[1].trim());
							if (params.docID >= min && params.docID <= max) permission = true;
						}
						catch(Exception e) {}
					}
				}
			}
		}

		Page p = Page.getPage(params.docID, params.pageID);

		// edit an existing page
		if (p != null) {
			Page pOrig = (Page)p.clone();
//			if (p.getFolioNumber() != null && p.getFolioNumber().length() > 0 && !permission) {
//			for folios, we want anyone to be able to edit as long as they are logged in
			p.setFolioNumber(params.folio);
			p.save(pOrig);
			retVal.append("<success message=\"successfully modified page, pageID: " + params.pageID + " of docID: " + params.docID + "\" />");
		}
		// new page
		else {
			// we check permissions here instead of at the top because folio editing can be done by anyone logged in
			if (!permission) {
				params.addError(-7, "User is not the owner of this document nor has the role: " + role + ".");
			}
			else {
				p = new Page();
				p.setDocumentID(params.docID);
				p.setPageID(params.pageID);
				if (params.folio != null) {
					p.setFolioNumber(params.folio);
				}
				p.saveNew();
				retVal.append("<success message=\"successfully added new page, pageID: " + params.pageID + " to docID: " + params.docID + "\" />");
			}
		}
	}
	if (retVal.length() > 0) {
		Serializer.output(response, out, params, XMLBlock.createXMLBlock(retVal.toString()));
		return;
	}
}
else params.format = "html";
Serializer.reportErrors(request, response, out, params, true);
%>