class User < ApplicationRecord
  include EmailValidatable

  # Relations
  has_many :invitations, dependent: :destroy
  has_many :donations, dependent: :nullify

  validates_uniqueness_of :cn
  validates_length_of :cn, :minimum => 3
  validates_uniqueness_of :email
  validates :email, email: true

  lockbox_encrypts :ln_login
  lockbox_encrypts :ln_password

  # Include default devise modules. Others available are:
  # :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
  devise :ldap_authenticatable,
         :confirmable,
         :recoverable,
         :validatable

  def ldap_before_save
    self.email = Devise::LDAP::Adapter.get_ldap_param(self.cn, "mail").first

    dn = Devise::LDAP::Adapter.get_ldap_param(self.cn, "dn")
    self.ou = dn.split(',').select{|e| e[0..1] == "ou"}.first.delete_prefix("ou=")

    if self.confirmed_at.blank? && self.confirmation_token.blank?
      # User had an account with a trusted email address before akkounts was a thing
      self.confirmed_at = DateTime.now
    end
  end

  def reset_password(new_password, new_password_confirmation)
    self.password = new_password
    self.password_confirmation = new_password_confirmation
    return false unless valid?

    Devise::LDAP::Adapter.update_password(login_with, new_password)
    clear_reset_password_token
    save
  end

  def is_admin?
    admin ||= if admin = Devise::LDAP::Adapter.get_ldap_param(self.cn, :admin)
                !!admin.first
              else
                false
              end
  end

  def address
    "#{self.cn}@#{self.ou}"
  end

  def valid_attribute?(attribute_name)
    self.valid?
    self.errors[attribute_name].blank?
  end

  def ln_create_invoice(payload)
    lndhub = Lndhub.new
    lndhub.authenticate self
    lndhub.addinvoice payload
  end
end