<?php

declare(strict_types=1);

namespace App\Http\Requests\Uploads;

use App\Repositories\Uploads\UploadSessionRepository;
use App\Services\Uploads\UploadTokenService;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Validation\ValidationException;
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;

final class UploadChunkRequest extends FormRequest
{
    protected function prepareForValidation(): void
    {
        $uploadError = $this->detectChunkUploadError();

        if ($uploadError !== null && $uploadError !== UPLOAD_ERR_OK) {
            $this->logChunkUploadFailure($uploadError);

            throw ValidationException::withMessages([
                'chunk' => [$this->messageForUploadError($uploadError)],
            ]);
        }
    }

    public function authorize(): bool
    {
        $user = $this->user();
        if (! $user) {
            $this->logUnauthorized('missing_user');
            $this->denyAsNotFound();
        }

        $sessionId = (string) $this->input('session_id');
        if ($sessionId === '') {
            $this->logUnauthorized('missing_session_id');
            $this->denyAsNotFound();
        }

        $token = $this->header('X-Upload-Token') ?: $this->input('upload_token');
        if (! $token) {
            $this->logUnauthorized('missing_token');
            $this->denyAsNotFound();
        }

        $sessions = $this->container->make(UploadSessionRepository::class);
        $session = $sessions->get($sessionId);
        if (! $session || $session->userId !== $user->id) {
            $this->logUnauthorized('not_owned_or_missing');
            $this->denyAsNotFound();
        }

        $tokens = $this->container->make(UploadTokenService::class);
        $payload = $tokens->get((string) $token);
        if (! $payload) {
            $this->logUnauthorized('invalid_token');
            $this->denyAsNotFound();
        }

        if (($payload['session_id'] ?? null) !== $sessionId) {
            $this->logUnauthorized('token_session_mismatch');
            $this->denyAsNotFound();
        }

        if ((int) ($payload['user_id'] ?? 0) !== (int) $user->id) {
            $this->logUnauthorized('token_user_mismatch');
            $this->denyAsNotFound();
        }

        return true;
    }

    public function rules(): array
    {
        $maxBytes = (int) config('uploads.chunk.max_bytes', 0);
        $maxKb = $maxBytes > 0 ? (int) ceil($maxBytes / 1024) : 5120;
        $chunkSizeRule = $maxBytes > 0 ? 'required|integer|min:1|max:' . $maxBytes : 'required|integer|min:1';

        return [
            'session_id' => 'required|uuid',
            'offset' => 'required|integer|min:0',
            'total_size' => 'required|integer|min:1',
            'chunk_size' => $chunkSizeRule,
            'chunk' => 'required|file|max:' . $maxKb,
            'upload_token' => 'nullable|string|min:40|max:200',
        ];
    }

    private function denyAsNotFound(): void
    {
        throw new NotFoundHttpException();
    }

    private function detectChunkUploadError(): ?int
    {
        $uploadedFile = $this->file('chunk');
        if ($uploadedFile !== null) {
            return (int) $uploadedFile->getError();
        }

        $rawError = data_get($_FILES, 'chunk.error');
        if ($rawError === null || $rawError === '') {
            return null;
        }

        return (int) $rawError;
    }

    private function messageForUploadError(int $error): string
    {
        return match ($error) {
            UPLOAD_ERR_INI_SIZE => 'The upload chunk exceeded PHP upload_max_filesize. Lower UPLOAD_CHUNK_MAX_BYTES or raise upload_max_filesize/post_max_size.',
            UPLOAD_ERR_FORM_SIZE => 'The upload chunk exceeded the allowed form upload size.',
            UPLOAD_ERR_PARTIAL => 'The upload chunk was only partially received. Check Nginx/PHP-FPM request handling and network stability.',
            UPLOAD_ERR_NO_FILE => 'No upload chunk file was received by PHP.',
            UPLOAD_ERR_NO_TMP_DIR => 'PHP upload_tmp_dir is missing or unavailable. Check the configured temporary upload directory on the server.',
            UPLOAD_ERR_CANT_WRITE => 'PHP could not write the upload chunk to the temporary directory. Check upload_tmp_dir permissions and free disk space.',
            UPLOAD_ERR_EXTENSION => 'A PHP extension stopped the upload chunk before Laravel could process it.',
            default => 'The upload chunk failed before Laravel could read it. Check PHP temporary upload storage and request size limits.',
        };
    }

    private function logChunkUploadFailure(int $error): void
    {
        $uploadTmpDir = (string) (ini_get('upload_tmp_dir') ?: sys_get_temp_dir() ?: '');
        $tmpExists = $uploadTmpDir !== '' ? is_dir($uploadTmpDir) : false;
        $tmpWritable = $tmpExists ? is_writable($uploadTmpDir) : false;

        logger()->warning('Upload chunk failed before validation completed', [
            'session_id' => (string) $this->input('session_id'),
            'user_id' => $this->user()?->id,
            'ip' => $this->ip(),
            'upload_error' => $error,
            'upload_error_message' => $this->messageForUploadError($error),
            'content_length' => $this->server('CONTENT_LENGTH'),
            'post_max_size' => ini_get('post_max_size'),
            'upload_max_filesize' => ini_get('upload_max_filesize'),
            'upload_tmp_dir' => $uploadTmpDir,
            'tmp_exists' => $tmpExists,
            'tmp_writable' => $tmpWritable,
            'raw_files' => isset($_FILES['chunk']) ? [
                'name' => $_FILES['chunk']['name'] ?? null,
                'type' => $_FILES['chunk']['type'] ?? null,
                'size' => $_FILES['chunk']['size'] ?? null,
                'tmp_name' => $_FILES['chunk']['tmp_name'] ?? null,
                'error' => $_FILES['chunk']['error'] ?? null,
            ] : null,
        ]);
    }

    private function logUnauthorized(string $reason): void
    {
        logger()->warning('Upload chunk unauthorized access', [
            'reason' => $reason,
            'session_id' => (string) $this->input('session_id'),
            'user_id' => $this->user()?->id,
            'ip' => $this->ip(),
        ]);
    }
}