VendorByCu.i

<?php

/**
 * Class VendorByCu
 * Copyright 07/2019 HomeCu LLC
 *
 * Outputs a basic report showing what vendors are used by which credit unions.
 * Aid in migration tool.
 *
 * Usage:
 *
 * $obj = new VendorByCu();
 * echo $obj
 *  ->set('dbh', $dbh)
 *  ->set('SYS_TYPE_UPG_TEST', $SYS_TYPE_UPG_TEST)
 *  ->set('SYS_TYPE_CLOSED', $SYS_TYPE_CLOSED)
 *  ->VendorByCuReport();
 *
 * Odyssey uses Google Oauth. TO TEST LOCALLY get your my.homecu.net
 * auth cookie and in your code that calls this class add
 *
 * ->set('dev_oauth', 'your homecu_dev_oauth2_proxy cookie value')
 *
 * . . . or all your my.homecu.net CU's will show no trusted vendors.
 *
 * @param object $dbh database resource
 * @param int $SYS_TYPE_UPG_TEST
 * @param int $SYS_TYPE_CLOSED
 * @return string HTML
 */
class VendorByCu
{
  /** @var object|null $dbh DB resource */
  protected $dbh;

  /** @var int $SYS_TYPE_UPG_TEST S/B 128 */
  protected $SYS_TYPE_UPG_TEST;

  /** @var int $SYS_TYPE_CLOSED S/B 64 */
  protected $SYS_TYPE_CLOSED;

  /** @var bool $download obvious */
  protected $download = false;

  /** @var string|null, see comments above */
  protected $dev_oauth = null;

  /** @var string $cu_index for links on CU names */
  protected $cu_index = 'hcuadm/cuindex.prg';

  /** @var string Remote server query url, prepended with protocol and server from below */
  protected $cu_trusted_url = 'homecu.net/hcuadm/CuVendorListApi.prg';

  /** @var string $trusted_master the T.V. table name so it's not hard coded down in the code */
  protected $trusted_master = 'cutrustedmaster';

  /** @var string $cu_admin the table containing the CU ID */
  protected $cu_admin = 'cuadmin';

  /** @var string the table containing the CU Info, which is where we actually get the list */
  protected $cu_info = 'cuinfo';

  /** @var array $cu_data store CU's and their T.V. data ['cu'] => [vendor array] */
  protected $cu_data = [];

  /** @var array $trusted_vendors store T.V.'s internally for our headers and columns */
  protected $trusted_vendors = [];

  /** @var array $external_servers to query - don't need dev www4, and no valid CU's on www */
  protected $external_servers = ['my', 'www3', 'www5', 'www6'];

  /**
   * All we're doing in the constructor is setting the download property if it exists in $_GET.
   * @return void
   * @throws Exception
   */
  public function __construct()
  {
    $this->InitDownloadFlag();
  }

  /**
   * Entry point.
   * @throws Exception
   * @return string (HTML) or csv (download)
   */
  public function VendorByCuReport()
  {
    $this
      ->GetMasterData()
      ->GetCuLocalData()
      ->GetTvClients();

    $content =
      $this->OutputReportHeader() .
      $this->OutputReportBody() .
      $this->OutputReportFooter();

    if ($this->IsDownload()) {
      return $this->DownloadCsv($content);
    }

    return $content;
  }

  /**
   * Because of this tightly coupled system that mixes logic and output, we need a
   * pubic method to avoid HTML being printed if we are trying to download.
   * @return bool
   */
  public function IsDownload()
  {
    return $this->download === true;
  }

  /**
   * If they've clicked download, set the flag.
   * @return $this
   */
  protected function InitDownloadFlag()
  {
    if (isset($_GET['download'])) {
      $this->download = true;
    }

    return $this;
  }

  /**
   * Output the data for download.
   * @param $content
   * @return string
   */
  protected function DownloadCsv($content)
  {
    $length = strlen($content) + 1;
    header("Content-type: bad/type");
    header("Content-length: " . $length);
    header("Content-Disposition: attachment; filename=\"vendor-by-cu-". date('Y-m-d') . ".csv\"");
    return $content;
  }

  /**
   * Get the master data record.
   *  any DB query, count excepted, should always be an array.
   * @return $this
   * @throws Exception
   */
  protected function GetMasterData()
  {
    $sql = "select * from {$this->trusted_master} order by trustedvendor";
    try {
      $res = db_query($sql, $this->dbh);
    } catch (Exception $e) {
      throw new Exception("Exception getting master data: {$e->getMessage()} " . pg_last_error($this->dbh));
    }

    while ($row = db_fetch_assoc($res)) {
      $this->trusted_vendors[$row['trustedid']] = $row['trustedvendor'];
    }

    return $this;
  }

  /**
   * Query each of $this->external_servers at the CuVendorListApi.prg URL for which T.V.'s are
   * associated with which CU's. Set into the existing trusted vendors array.
   * @return $this
   */
  protected function GetTvClients()
  {
    $trusted_arr = array_keys($this->trusted_vendors);

    foreach ($this->external_servers as $server) {

      $ext = $this->GetExternalTrustedData($server, $trusted_arr);
      $this->MergeClientsToCuData($server, $ext);
    }

    return $this;
  }

  /**
   * Get the CU data from info; we need the CU Id from cuadmin and and the trusted vendor data
   * from cu trusted vendors. Join admin and vendors on info to get all CU's.
   * @return $this
   * @throws Exception
   */
  protected function GetCuLocalData()
  {
    try {
      $res = db_query($this->LocalDataSql(), $this->dbh);

      while ($row = db_fetch_assoc($res)) {

        // Why the white space in DB values?
        $cu = trim($row['cu']);

        if (! isset($this->cu_data[$cu]['vendor'])) {
          $this->cu_data[$cu]['vendor'] = trim($row['vendor']);
          $this->cu_data[$cu]['server'] = trim($row['www_server']);
          $this->cu_data[$cu]['in_setup'] = $row['in_setup'];
        }
      }
    } catch (Exception $e) {
      throw new Exception("Exception getting CU data: {$e->getMessage()} " . db_last_error());
    }

    return $this;
  }

  /**
   * Helper for GetCuLocalData().
   * @return string
   */
  protected function LocalDataSql()
  {
    return "select"
    ." coalesce ("
    . " {$this->cu_admin}.cu,"
    . " upper({$this->cu_info}.user_name),"
    . " 'none'"
    . " ) as cu,"
    . "((coalesce({$this->cu_info}.system_options, 0) & {$this->SYS_TYPE_UPG_TEST}) <> 0)::int as in_setup,"
    . " {$this->cu_info}.vendor as vendor,"
    . " {$this->cu_info}.www_server as www_server"
    . " from {$this->cu_info}"
    . " left join {$this->cu_admin}"
    . " on upper({$this->cu_admin}.user_name) = upper({$this->cu_info}.user_name)"
    . " where {$this->cu_info}.system_options & {$this->SYS_TYPE_CLOSED} = 0"
    . " order by {$this->cu_info}.user_name asc";
  }

  /**
   * Using the array of trusted ID's, query a server for the associated CU's.
   * @param string $server
   * @param array $ids
   * @return array
   */
  protected function GetExternalTrustedData($server, $ids)
  {
    $params = http_build_query(['Cu' => '', 'trustedids' => json_encode($ids)]);
    $protocol = ($server == 'localhost')? 'http' : 'https';
    $cmd = "$protocol://$server.{$this->cu_trusted_url}";

    $ch = curl_init($cmd);
    curl_setopt($ch,CURLOPT_COOKIE, $this->setCurlCookies($server));
    curl_setopt($ch,CURLOPT_USERPWD,"nobody:no1home");
    curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
    curl_setopt($ch,CURLOPT_POST, true);
    curl_setopt($ch,CURLOPT_POSTFIELDS, $params);
    //curl_setopt($ch, CURLOPT_VERBOSE, true);

    $rawresp = curl_exec($ch);

    return HCU_JsonDecode($rawresp, true);
  }

  /**
   * Allows a dev cookie to test locally via the setter, see comments at head.
   * @param string $server
   * @return string
   */
  protected function setCurlCookies($server)
  {
    $cookies = "HCUTicket={$_COOKIE['HCUTicket']};";

    if ($server == 'my') {

      if ($this->dev_oauth) {
        $cookies .= ";homecu_dev_oauth2_proxy={$this->dev_oauth}";
        return $cookies;
      }

      if (isset($_COOKIE['homecu_dev_oauth2_proxy'])) {
        $cookies .= ";homecu_dev_oauth2_proxy={$_COOKIE['homecu_dev_oauth2_proxy']}";
        return $cookies;
      }
    }

    return $cookies;
  }

  /**
   * What it says, merge external server results into $this->cu_data.
   * @param string $server
   * @param array $external_data
   * @return $this
   */
  protected function MergeClientsToCuData($server, $external_data)
  {
    if (! $this->isSuccessResult($external_data)) {
      return $this;
    }

    foreach ($external_data['data'] as $key => $vendor_arr) {

      // Funky key value, but it allows us to not have to walk the array. See comments.
      list ($cu, $vendor) = explode('|', $key);

      if (
        ! $this->isRealServer($server, $cu) ||
        ! $this->CuExistsInData($cu) ||
          $this->VendorExistsInData($cu, strtoupper($vendor))
        ) {
        continue;
      }

      // Store as all upper and then do strtoupper on output so we always have a match.
      $this->cu_data[$cu]['trustedid'][] = strtoupper($vendor);
    }

    return $this;
  }

  /**
   * When querying external servers, there may be old implementations of the current CU. The
   * local record will always tell us what the **real** server is. Use to ignore others.
   * @param string $server
   * @param string $cu
   * @return bool
   */
  protected function isRealServer($server, $cu)
  {
    if ($server == 'my') {
      $server .= '.homecu.net';
    }

    if (isset($this->cu_data[$cu]['server'])) {
      return $this->cu_data[$cu]['server'] == $server;
    }

    return false;
  }

  /**
   * Helper for MergeClientsToCuData(), make sure the array members we need are all present.
   * @param array $result
   * @return bool
   */
  function isSuccessResult($result)
  {
    return
      array_key_exists('status', $result) &&
      array_key_exists('Response', $result['status']) &&
      ($result['status']['Response'] == true) &&
      array_key_exists('data', $result) &&
      is_array($result['data']);
  }

  /**
   * Helper for MergeClientsToCuData(). Does this CU exist in $this->cu_data?
   * @TODO Hmm, might we need to use this to create a new node?
   * @param string $cu
   * @return bool
   */
  protected function CuExistsInData($cu)
  {
    return array_key_exists($cu, $this->cu_data);
  }

  /**
   * Helper for MergeClientsToCuData(). Vendor already in the cu_data array? The external
   * query may return duplicates, and we've already ensured the cu_data trustedid member
   * is an array.
   * @param string $cu
   * @param string $vendor
   * @return bool
   */
  protected function VendorExistsInData($cu, $vendor)
  {
    if (
      isset($this->cu_data[$cu]['trustedid']) &&
      is_array($this->cu_data[$cu]['trustedid'])
    ) {
      return in_array($vendor, $this->cu_data[$cu]['trustedid']);
    }

    return false;
  }

  /**
   * Walk the trusted vendors and output the report head.
   * @return string
   */
  protected function OutputReportHeader()
  {
    return ($this->IsDownload())? $this->CsvHeader() : $this->HtmlHeader();
  }

  /**
   * Helper for OutputReportHeader(), prepare the text header for download.
   * @return string
   */
  protected function CsvHeader()
  {
    $header = '"Credit Union"' . ',';

    foreach ($this->trusted_vendors as $vendor_id => $name) {
      $header .= '"' . $vendor_id . '",';
    }

    return rtrim($header, "\t") . PHP_EOL;
  }

  /**
   * Helper for OutputReportHeader(), prepare the HTML output header.
   * @return string
   */
  protected function HtmlHeader()
  {
      $id = 1;

    // looks bad if we print "Credit Union" in first col, no reason to overstate the obvious.
    $header = "
    <p style=\"text-align:center\"><strong><em>If the CU does not have trusted vendors listed,
    there are no trusted vendors set up in their Trusted Details.</em></strong></p>
    <table id=\"report-by-vendor-table\">
      <tr>
        <th id=\"tv-hd-$id\" class=\"cu-name\">&nbsp;</th>
    ";

    foreach ($this->trusted_vendors as $vendor_id => $name) {

      $id++;
      $title = (! empty($name))? $name : str_replace('_', ' ', $vendor_id);

      $header .= "
        <th id=\"tv-hd-$id\" class=\"rotate\" title=\"$title\"><div><span>"
        . str_replace('_', ' ', $vendor_id) . "</span></div></th>";
    }

    $header .= '
      </tr>
    ';

    return $header;
  }

  /**
   * Output the body HTML.
   * @throws Exception
   * @return string
   */
  protected function OutputReportBody()
  {
    return ($this->IsDownload())? $this->CsvBody() : $this->HtmlBody();
  }

  /**
   * Output the body for CSV download.
   * @return string
   */
  protected function CsvBody()
  {
    $body = null;

    foreach ($this->cu_data as $cu => $trusted_array) {
      $body .= $this->OutputCsvDataRow($cu);
    }

    return $body;
  }

  /**
   * Output a row of data for download.
   * @param string $cu
   * @return string|null
   */
  protected function OutputCsvDataRow($cu)
  {
    $row = '"' . $cu . '",';

    foreach ($this->trusted_vendors as $vendor_id => $name) {

      $used = $this->setCsvCellContent($vendor_id, $cu);
      $row .= '"' . $used . '",';
    }

    $row = rtrim($row, ',') . PHP_EOL;

    return $row;
  }

  /**
   * Helper for OutputCsvDataRow(), make the cell content.
   * @param string $vendor_id
   * @param string $cu
   * @return string YES|-
   */
  protected function setCsvCellContent($vendor_id, $cu)
  {
    if (
      isset($this->cu_data[$cu]['trustedid']) &&
      is_array($this->cu_data[$cu]['trustedid']) &&
      in_array(strtoupper($vendor_id), $this->cu_data[$cu]['trustedid'])
    ) {
      return 'YES';
    }

    return '-';
  }

  /**
   * Helper for OutputReportBody(), return the body for HTML output.
   * @return string
   */
  protected function HtmlBody()
  {
    $body   = null;
    $toggle = 'odd';

    foreach ($this->cu_data as $cu => $vendors_array) {
      $toggle = ($toggle == 'even')? 'odd' : 'even';

      $body .= $this->OutputHtmlDataRow($cu, $toggle);
    }

    return $body;
  }

  /**
   * Output a row of data from tr to /tr.
   * @param string $cu
   * @param string $toggle even|odd
   * @return string|null
   */
  protected function OutputHtmlDataRow($cu, $toggle)
  {
    $link = $this->GetCuEditLink($cu);

    $row = "
    <tr class=\"$toggle\">
      <td><a href=\"$link\">$cu</a></td>";

    foreach ($this->trusted_vendors as $vendor_id => $name) {

      list ($class, $txt, $usage) = $this->SetCellAttributes($cu, $vendor_id);
      $row .= "<td class=\"$class\" title=\"$vendor_id $usage by $cu\">$txt</td>";
    }

    $row .= '
     </tr>
    ';

    return $row;
  }

  /**
   * Set a link from the HTML display to CU info.
   * @param string $cu
   * @return string
   */
  protected function GetCuEditLink($cu)
  {
    if (! (
      isset($this->cu_data[$cu]['vendor'])  &&
      isset($this->cu_data[$cu]['server'])
    )) {
      return '#';
    }

    return $this->SetServerProtocol() . "?action=fetch&rowid=$cu"
          . "&vc={$this->cu_data[$cu]['vendor']}"
          . "&wc={$this->cu_data[$cu]['server']}";
  }

  /**
   * Going to try this without HB_ENV. If it causes problems, we'll inject it.
   * @return string
   */
  protected function SetServerProtocol()
  {
    $protocol = (
      ($_SERVER['REQUEST_SCHEME'] != 'https') &&
      (getenv('HTTP_X_FORWARDED_PROTO') != 'https')
    ) ?
    'http' : 'https';

    return $protocol . '://' . strtolower($_SERVER['HTTP_HOST']) . '/' . $this->cu_index;

  }

  /**
   * Helper for outputDataRow.
   * @param string $cu
   * @param string $vendor_id
   * @return array
   */
  protected function SetCellAttributes($cu, $vendor_id)
  {
    if (
      isset($this->cu_data[$cu]['trustedid']) &&
      is_array($this->cu_data[$cu]['trustedid']) &&
      in_array(strtoupper($vendor_id), $this->cu_data[$cu]['trustedid'])
    ) {
      return ['used', '&#10004;', 'used'];
    }

    return ['not-used',  'x', 'not used'];

  }

  /**
   * Simple single responsibility or, do we want footer data and row here?
   * @return string|null;
   */
  protected function OutputReportFooter()
  {

    if ($this->IsDownload()) {
      return null;
    }

    $count = count($this->trusted_vendors) + 1;

    return '
    <tr>
      <td id="vendor-by-cu-footer" colspan="' . $count . '">
        <a href="?download" target="_blank">Download</a>
      </td>
    </tr>
    </table>
    ';
  }

  /**
   * Typical setter
   * @param string $prop
   * @param mixed $value
   * @return $this
   */
  public function set ($prop, $value)
  {
    $this->{$prop} = $value;
    return $this;
  }

}