<?php
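    session_start();
    require('../incl/const.php');
    require('../class/database.php');
    require('../class/user.php');

    // Admin-only JSON endpoint for user records. Depending on the POST fields it
    // saves (creates or updates) or deletes a user, and always answers with a JSON
    // object holding 'success' and 'message' (plus 'id' after a save).
    //
    // NOTE(review): this script changes state on a plain POST and checks no
    // anti-CSRF token; confirm a token is enforced elsewhere or add one here.
    // NOTE(review): the response is sent without an explicit JSON Content-Type;
    // confirm how the client parses it before adding the header.
    $result = ['success' => false, 'message' => 'Error while processing your request!'];

    // Strict comparison so that a non-string accesslevel can never loosely equal 'Admin'.
    if(isset($_SESSION['user']) && $_SESSION['user']->accesslevel === 'Admin') {
        $database = new Database(DB_HOST, DB_NAME, DB_USER, DB_PASS, DB_PORT, DB_SCMA);
        $obj = new user_Class($database->getConn(), $_SESSION['user']->id);

        // intval() forces the id to an integer; the string-built 'owner_id = ' filter
        // further down relies on this, so keep the cast if this line is ever changed.
        $id = isset($_POST['id']) ? intval($_POST['id']) : 0;

        if(($id > 0) && !$obj->isOwnedByUs($id)) {
            $result = ['success' => false, 'message' => 'Action not allowed!'];

        } else if(isset($_POST['save'])) {
            $newId = 0;

            // NOTE(review): the whole of $_POST is handed to the model; confirm that
            // update()/create() only accept an explicit list of fields.
            if($id) { // update
                $obj->update($_POST);
            } else { // insert
                $newId = $obj->create($_POST);
            }

            $result = ['success' => true, 'message' => 'Data Successfully Saved!', 'id' => $newId];

        } else if(isset($_POST['delete']) && ($id > 0) && ($id != 1)) {
            // A positive id is required: without it the ownership check above is
            // skipped and delete() would be called with a meaningless id.
            // User id 1 is never deleted.

            $ref_ids = array();
            $ref_name = null;
            $tbls = array('map', 'access_groups', 'permalink');

            // Refuse the delete while the user still owns rows in any of these tables.
            // (The loop used to iterate an undefined $tbl, so this check never ran.)
            foreach($tbls as $k) {
                $rows = $database->getAll('public.'.$k, 'owner_id = '.$id);
                foreach($rows as $row) {
                    // NOTE(review): assumes each table has a '<table>_id' column; confirm against the schema.
                    $ref_ids[] = $row[$k.'_id'];
                }

                if(count($ref_ids) > 0) {
                    $ref_name = $k;
                    break;
                }
            }

            if(count($ref_ids) > 0) {
                $result = ['success' => false, 'message' => 'Error: Can\'t delete because user owns '.$ref_name.'(s) ' . implode(',', $ref_ids) . '!' ];
            } else {
                // Read the row first: the FTP account name is needed after the record is gone.
                $res = $obj->getById($id);
                $row = pg_fetch_assoc($res);
                pg_free_result($res);

                $ret_val = $obj->delete($id);

                // ftp_user comes from the database and ends up on a command line that runs
                // under sudo, so it is passed as one quoted argument and never as raw shell text.
                // NOTE(review): a value starting with '-' is still passed to the script as-is;
                // confirm delete_ftp_user.sh treats its argument strictly as an account name.
                if($ret_val && is_array($row) && isset($row['ftp_user']) && $row['ftp_user'] !== '') {
                    shell_exec('sudo /usr/local/bin/delete_ftp_user.sh '.escapeshellarg($row['ftp_user']));
                }

                // Only report success text when the delete actually succeeded.
                if($ret_val) {
                    $result = ['success' => $ret_val, 'message' => 'Data Successfully Deleted!'];
                } else {
                    $result = ['success' => $ret_val, 'message' => 'Error while processing your request!'];
                }
            }
        }
    }

    echo json_encode($result);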
?>