<?php
session_start();

require_once __DIR__ . '/../db/config.php';

// Function to check if a user is logged in
function is_logged_in() {
    return isset($_SESSION['user_id']);
}

// Function to require a user to be logged in to access a page
function require_login() {
    if (!is_logged_in()) {
        header('Location: ../login.php');
        exit();
    }
}

// Function to check if the current user is an admin
function is_admin() {
    if (!is_logged_in()) {
        return false;
    }
    // If impersonating, the original user must be an admin
    $user_id = $_SESSION['original_user_id'] ?? $_SESSION['user_id'];
    
    $db = db();
    $stmt = $db->prepare('SELECT roles.name FROM users JOIN roles ON users.role_id = roles.id WHERE users.id = ?');
    $stmt->execute([$user_id]);
    $role = $stmt->fetchColumn();
    
    return in_array($role, ['Super Admin', 'Agency Admin']);
}

// Function to require admin privileges
function require_admin() {
    if (!is_admin()) {
        // Redirect to portal index if not an admin
        header('Location: ../index.php');
        exit();
    }
}

// Function to start impersonating a user
function impersonate_user($user_id_to_impersonate) {
    if (!is_admin()) {
        return false; // Only admins can impersonate
    }
    // Prevent impersonating another admin for security
    $db = db();
    $stmt = $db->prepare('SELECT roles.name FROM users JOIN roles ON users.role_id = roles.id WHERE users.id = ?');
    $stmt->execute([$user_id_to_impersonate]);
    $role_to_impersonate = $stmt->fetchColumn();

    if (in_array($role_to_impersonate, ['Super Admin', 'Agency Admin']) && $_SESSION['user_id'] != $user_id_to_impersonate) {
         // Allow admins to view their own profile without triggering this rule
        return false;
    }

    if (!isset($_SESSION['original_user_id'])) {
        $_SESSION['original_user_id'] = $_SESSION['user_id'];
    }
    $_SESSION['user_id'] = $user_id_to_impersonate;
    return true;
}

// Function to stop impersonating
function stop_impersonating() {
    if (isset($_SESSION['original_user_id'])) {
        $_SESSION['user_id'] = $_SESSION['original_user_id'];
        unset($_SESSION['original_user_id']);
        return true;
    }
    return false;
}

// Function to check if currently impersonating
function is_impersonating() {
    return isset($_SESSION['original_user_id']);
}

// Function to get the current user's data (handles impersonation)
function current_user() {
    if (!is_logged_in()) {
        return null;
    }
    $db = db();
    $stmt = $db->prepare('SELECT users.*, roles.name AS role_name FROM users LEFT JOIN roles ON users.role_id = roles.id WHERE users.id = ?');
    $stmt->execute([$_SESSION['user_id']]);
    return $stmt->fetch(PDO::FETCH_ASSOC);
}

// Function to get the original admin user if impersonating
function original_user() {
    if (!is_impersonating()) {
        return null;
    }
    $db = db();
    $stmt = $db->prepare('SELECT users.*, roles.name AS role_name FROM users LEFT JOIN roles ON users.role_id = roles.id WHERE users.id = ?');
    $stmt->execute([$_SESSION['original_user_id']]);
    return $stmt->fetch(PDO::FETCH_ASSOC);
}