######################################################################
#
#  EPrint Editor
#
#   Allows staff to remove EPrints or transfer them back to the
#   submission buffer.
#
######################################################################
#
#  __LICENSE__
#
######################################################################
#
# modified to allow editing by the submitting user -- CSL
# slightly modified by Antje
#
use EPrints::EPrint;
use EPrints::Session;

use strict;

#cjg check item is editable by this user.

#cjg remove does not work

my $session = EPrints::Session->new();

# Check we have privs
##CSL the depositer should be able to edit it
#if( !$session->auth_check( "editor" ) )
if( !defined $session->current_user )
{
	$session->terminate();
	exit( 0 );
}

my( $title, $page ) = &process( $session );

$session->terminate();



sub process
{
	my( $session ) = @_;

	my $datasetid = $session->param( "dataset" );

	# When in doubt, use the main archive.

	$datasetid = "archive" if( !defined $datasetid );
	if( $datasetid ne "archive" && 
    		$datasetid ne "inbox" && 
    		$datasetid ne "deletion" && 
    		$datasetid ne "buffer" )
	{
		$datasetid = "archive";
	}
	
	my $dataset = $session->get_archive()->get_dataset( $datasetid );

	my $eprintid = $session->param( "eprintid" );

	my $eprint = new EPrints::EPrint( $session, $eprintid, $dataset );
	my $action = $session->get_action_button();

	if( !defined $eprint )
	{
		$session->render_error( $session->html_phrase(
			"cgi/users/edit_eprint:cant_find_it",
			id=>$session->make_text( $eprintid ) ) );
		return;
	}

##CSL check whether current user can edit this item
	my $can_edit=0;
	###Antje - the user should only be able to edit a eprint if it is in the main archive and not in the buffer or inbox
	###($datasetid eq "buffer" || $datasetid eq "inbox")
	if( $datasetid eq "archive" && $session->current_user->get_value("userid") == $eprint->get_value("userid") )
	{
		$can_edit=1;
	}
	elsif( !$session->auth_check( "editor" ) )
	{
		return;
	}
	my $user_ds = $session->get_archive()->get_dataset( "user" );

	my $ef_field = $user_ds->get_field( 'editperms' );
	my $searches = $session->current_user->get_value( 'editperms' );
	if( scalar @{$searches} == 0 )
	{
		$can_edit = 1;
	}

	foreach my $s ( @{$searches} )
	{
		next if( $can_edit ); # skip the rest if one matches

		my $search = $ef_field->make_searchexp( $session, $s );
		if( $search->get_conditions->item_matches( $eprint ) )
		{
			$can_edit = 1;
		}
		$search->dispose;
	}

	unless( $can_edit )
	{
		$session->render_error( $session->html_phrase(
			"cgi/users/edit_eprint:cant_edit",
			id=>$session->make_text( $eprintid ) ) );
		return;
	}


	if( !defined $action )
	{
		&view_page( $session, $eprint );
		return;
	}

	if( $action eq "_toinbox" )
	{
		# Bounce button pressed - get reason
		&bounce_form( $session, 0, $eprint );
		return;
	}

	if( $action eq "_remove" )
	{
		# Remove button pressed - get reason
		&bounce_form( $session, 1, $eprint );
		return;
	}

	if( $action eq "_send" )
	{
		# Actually do the bounce
		&bounce( $session, $eprint );
		return;
	}

	if( $action eq "_toarchive" )
	{	
		# Accept button pressed

		my $dsid = $eprint->get_dataset()->id();

		unless( $eprint->move_to_archive() )
		{
			$session->render_error( $session->html_phrase(
				"cgi/users/edit_eprint:cant_move",
				id=>$session->make_text( $eprintid ) ) );
			return;
		}

		# Successfully archived, redirect
		if( $dsid eq "buffer" )
		{
			$session->redirect( "buffer" );
		}
		else
		{
			$session->redirect( $session->get_archive()->get_conf( "userhome" ) );
		}
		return;
	}

	if( $action eq "_tobuffer" )
	{
		
		unless( $eprint->move_to_buffer() )
		{
			$session->render_error( $session->html_phrase(
				"cgi/users/edit_eprint:cant_move",
				id=>$session->make_text( $eprintid ) ) );
			return;
		}

		my $page = $session->make_doc_fragment();
		

		#Antje - only the editor and the admin should move the eprints from the buffer to the archive
		if($session->current_user->has_priv( "editor" ))
		{
			$page->appendChild( $session->html_phrase( 
				"cgi/users/edit_eprint:moved",
				link=>$session->render_link( "edit_eprint?dataset=buffer&eprintid=".$eprintid ) ) );
		}else
		{	#Antje - insert the phrase "cgi/users/edit_eprint:thanks" into the "system-phrases-xx.xml" file
			$page->appendChild($session->html_phrase("cgi/users/edit_eprint:thanks"));
		}
		#
			
		$page->appendChild( $session->html_phrase("general:userhome_link" ) );
		$session->build_page( $session->html_phrase( "cgi/users/edit_eprint:move_title" ), $page, "move_eprint" );
		$session->send_page();
		return;
	}

	if( $action eq "_todeletion" )
	{
		unless( $eprint->move_to_deletion() )
		{
			$session->render_error( $session->html_phrase(
				"cgi/users/edit_eprint:cant_remove",
				id=>$session->make_text( $eprintid ) ) );
			return;
		}
		my $page = $session->make_doc_fragment();
		$page->appendChild( $session->html_phrase( 
			"cgi/users/edit_eprint:removed" ) );
		$page->appendChild( $session->html_phrase( 
			"general:userhome_link" ) );
		$session->build_page( $session->html_phrase( "cgi/users/edit_eprint:remove_title" ), $page, "move_removed" );
		$session->send_page();
		return;
	}

	if( $action eq "_clone" )
	{
        my $new_eprint = $eprint->clone( $session->get_archive()->get_dataset( "buffer" ), 1 );
		unless( defined $new_eprint )
		{
			$session->render_error( $session->html_phrase(
				"cgi/users/edit_eprint:cant_clone",
				id=>$session->make_text( $eprintid ) ) );
			return;
		}
		
        $session->redirect( "edit_eprint?dataset=buffer&eprintid=".$new_eprint->get_id() );
		return;
	}

	#########################################################
	
	# OK, so we are (presumably) editing it then...

	my $stage = $session->param( "stage" );
	# If we are skipping the files stage then we have to work out what the
	# actual last stage is...
	my $laststage = "files";
	my @stages = ( "meta","linking","type" );
	while( $session->get_archive()->get_conf( "submission_stage_skip", $laststage ) )
	{
		$laststage = pop @stages;
		last if( $laststage eq "type" );
	}
	my $ls = $session->get_archive()->get_conf( "submission_stage_last_for_staff_edit" );
	$laststage = $ls if( defined $ls );

	if( defined $stage && $laststage eq $stage && defined $action && ($action eq "finished" || $action eq "next") )
        {
                # Intercept the verify page, that's what we were doing!
                $session->redirect( "edit_eprint?dataset=$datasetid&eprintid=$eprintid" );
                return;
        }

	# Give other cases to the edit form
	my $subform = new EPrints::SubmissionForm(
		$session,
		"edit_eprint?dataset=$datasetid&eprintid=$eprintid",
##CSL		1,
 		$session->current_user->has_priv( "editor" ) ? 1 : 0,
		$dataset,
		"edit_eprint" );

	$subform->process();
	
	if( $dataset->id eq "archive" || $dataset->id eq "deletion" )
	{
		# If the eprint is in the main archive or deletion area
		# then we need to update its webpage. This will make editing
		# even slower, but editing the main db SHOULD be a rare thing
		# anyway.

		# get it from the DB again - it's probably changed.
		my $eprint = new EPrints::EPrint( 
			$session, 
			$eprintid,
			$dataset );

		# update the static pages.
		$eprint->generate_static;
	}
	return;

}

# Show metadata & options:

sub view_page
{
	my( $session, $eprint ) = @_;

	my $page = $session->make_doc_fragment();
	
	$page->appendChild( $session->html_phrase( 
		"cgi/users/edit_eprint:status",
		dataset => $session->html_phrase( "dataset_fieldopt_dataset_".$eprint->get_dataset()->id() ) ) );
	
	$page->appendChild( $eprint->render_full() );
			
	# Possible actions
	# inbox buffer archive deletion
	#   *     *       *       *      edit
	#   *     *                      remove - and send message to depositing user
	#         *                      move to inbox - and send message to user
	#   *             *              move to buffer  - "
	#         *               *      move to archive  - "
	#                 *              move to deletion  - "
	#   *     *       *       *      clone to buffer

	# actions for this form begin with _ (except edit and
	# those passed to submission form)

	my $buttons = {};
	my $r1 = [];
	my $r2 = [];
	if( $eprint->get_dataset()->id() eq "inbox" )
	{
		$r1 = [ "_tobuffer" ];
		$r2 = [ "edit", "_remove", "_clone" ];
	}
	if( $eprint->get_dataset()->id() eq "buffer" )
	{
		$r1 = [];
		# only offer to return this to the inbox
		# if it's owned by a valid user.
		if( defined $eprint->get_user() )
		{
			push @{$r1}, "_toinbox";
		}
		push @{$r1}, "_toarchive";
		$r2 = [ "edit", "_remove", "_clone" ];
	}
	if( $eprint->get_dataset()->id() eq "archive" )
	{
		$r1 = [ "_tobuffer", "_todeletion" ];
		$r2 = [ "edit", "_clone" ];
	}
	if( $eprint->get_dataset()->id() eq "deletion" )
	{
		$r1 = [ "_toarchive" ];
		$r2 = [ "edit", "_clone" ];
	}
##CSL
if( ! $session->current_user->has_priv( "editor" ) )
{
	#Antje - Except of the editor and the administrator the user should only be able to edit this eprint
	#$r2 = [ "edit", "_clone" ];
	$r2 = ["edit"];
}
#
	my $form = $session->render_form( "post", "edit_eprint" );
	foreach( @{$r1}, @{$r2} )
	{
		$buttons->{$_} = $session->phrase( "cgi/users/edit_eprint:action_".$_ );
	}
#CSL
#Antje (remove if-clause) - the user should also be able to move the eprint to the buffer 
#if( $session->current_user->has_priv( "editor" ) ){	
		$form->appendChild( $session->render_ruler() );
		$buttons->{_order} = $r1;
		$form->appendChild( $session->render_action_buttons( %{$buttons} ) );
##	}
##
	
	$form->appendChild( $session->render_ruler() );
	$buttons->{_order} = $r2;
	$form->appendChild( $session->render_action_buttons( %{$buttons} ) );
	

	$form->appendChild( $session->render_hidden_field( "eprintid", $eprint->get_id() ) );
	$form->appendChild( $session->render_hidden_field( "dataset", $eprint->get_dataset()->id() ) );

	$page->appendChild( $form );
	$page->appendChild( $session->html_phrase( "general:userhome_link" ) );
		
	$session->build_page( $session->html_phrase( "cgi/users/edit_eprint:form_title" ), $page, "move_form" );
	$session->send_page();
}


sub bounce_form
{
	my( $session, $delete, $eprint ) = @_;

	# Get the user's details
	my $user = $eprint->get_user();
	# We can't bounce it if there's no user associated - but
	# we can still delete it.
	if( !defined $user && !$delete)
	{
		$session->render_error( 
			$session->html_phrase( "cgi/users/edit_eprint:no_user" ),
			"buffer" );
		return;
	}

	my $page = $session->make_doc_fragment();

	my $form = $session->render_form( "post", "edit_eprint" );
	if( defined $user )
	{
		$page->appendChild( $session->html_phrase( "cgi/users/edit_eprint:bounce_form_intro", langpref=>$user->render_value( "lang" ) ) );
		my $div = $session->make_element( "div", class => "formfieldinput" );
		my $textarea = $session->make_element(
			"textarea",
			name => "reason",
			rows => 20,
			cols => 60,
			wrap => "virtual" );
		# remove any markup:
		my $title = $session->make_text( EPrints::Utils::tree_to_utf8( $eprint->render_description() ) );
	
		$textarea->appendChild( $session->html_phrase(
			( $delete ? "mail_delete_reason" : "mail_bounce_reason" ),
			title => $title ) );
		$div->appendChild( $textarea );
		$form->appendChild( $div );

		$form->appendChild( $session->render_action_buttons(
			"_send" => $session->phrase( "cgi/users/edit_eprint:action_send" ) ) );
	}
	else
	{
		my $p = $session->make_element( "p" );
		$p->appendChild( $eprint->render_description() );
		$form->appendChild( $p );

		$form->appendChild( $session->render_action_buttons(
			"_send" => $session->phrase( "cgi/users/edit_eprint:action_reallydelete" ) ) );
	}
	

	$form->appendChild( $session->render_hidden_field( "eprintid", $eprint->get_value( "eprintid" ) ) );
	$form->appendChild( $session->render_hidden_field( "dataset", $eprint->get_dataset()->id() ) );
	$form->appendChild( $session->render_hidden_field( "delete", $delete ) );

	$page->appendChild( $form );

	$session->build_page(
		$session->html_phrase( "cgi/users/edit_eprint:title_".( $delete ? "delete" : "bounce" )."_form" ),
		$page,
		"editeprint_form" );
	$session->send_page();
}


sub bounce
{
	my( $session, $eprint ) = @_;

	my $delete = $session->param( "delete" );

	# Get the user's details
	my $user = $eprint->get_user();
	# We can't bounce it if there's no user associated - but
	# we can still delete it.
	if( !defined $user && !$delete)
	{
		# Can't find the user
		$session->render_error( 
			$session->html_phrase( "cgi/users/edit_eprint:no_user" ),
			"buffer" );
		return;
	}
	
	my $success = 0;
	
	if( $delete )
	{
		# Delete the submission
		$success = $eprint->remove();
	}
	else
	{
		# Transfer the EPrint back to the user's inbox
		$success = $eprint->move_to_inbox();
	}
	
	unless( $success )
	{
		# Couldn't be bounced at all
		$session->render_error( 
			$session->html_phrase( "cgi/users/edit_eprint:bord_fail" ),
			"buffer" );
		return;
	}

	if( !defined $user )
	{
		# Can't send mail to a user what does not
		# exist.
		$session->redirect( "buffer" );
		return;
	}

	my $mail = $session->make_element( "mail" );
	$mail->appendChild( $session->make_text( $session->param( "reason" ) ) );

	# Successfully transferred, mail the user with the reason
	if( $user->mail(
		"cgi/users/edit_eprint:subject_bounce",
		$mail,
		$session->current_user() ) )
	{	
		# Successfully bounced, redirect
		$session->redirect( "buffer" );
		return;
	}

	# Couldn't mail
	$session->render_error( 
		$session->html_phrase( "cgi/users/edit_eprint:mail_fail",
			username=>$user->render_value( "username" ),
			email=>$user->render_value( "email" ) ),
		"buffer" );
}