<?php
/**
 * Access Control class
 *
 * Handles access restrictions and redirects for provider role
 *
 * @package DDHH_Job_Manager
 */

// Exit if accessed directly.
defined( 'ABSPATH' ) || exit;

/**
 * Access Control class
 */
class DDHH_JM_Access_Control {

	/**
	 * Initialize hooks
	 */
	public static function setup_hooks() {
		// Redirect providers away from WP-Admin
		add_action( 'admin_init', array( __CLASS__, 'redirect_providers_from_admin' ) );

		// Protect dashboard page (logged-in providers only)
		add_action( 'template_redirect', array( __CLASS__, 'protect_dashboard' ) );
	}

	/**
	 * Redirect providers away from WP-Admin (except profile and AJAX)
	 */
	public static function redirect_providers_from_admin() {
		// Get current user
		$user = wp_get_current_user();

		// Check if user has ddhh_provider role
		if ( ! in_array( 'ddhh_provider', (array) $user->roles, true ) ) {
			return; // Not a provider, allow access
		}

		// Allow access to profile.php (providers can edit their profile)
		// phpcs:ignore WordPress.Security.NonceVerification.Recommended
		if ( isset( $_SERVER['SCRIPT_NAME'] ) && strpos( $_SERVER['SCRIPT_NAME'], 'profile.php' ) !== false ) {
			return;
		}

		// Allow access to admin-ajax.php (needed for AJAX requests)
		// phpcs:ignore WordPress.Security.NonceVerification.Recommended
		if ( isset( $_SERVER['SCRIPT_NAME'] ) && strpos( $_SERVER['SCRIPT_NAME'], 'admin-ajax.php' ) !== false ) {
			return;
		}

		// Get dashboard page URL
		$dashboard_page_id = get_option( 'ddhh_jm_dashboard_page_id' );
		if ( ! $dashboard_page_id ) {
			return; // Dashboard page not created yet
		}

		$dashboard_url = get_permalink( $dashboard_page_id );
		if ( ! $dashboard_url ) {
			return; // Could not get dashboard URL
		}

		// Redirect to dashboard
		wp_redirect( $dashboard_url );
		exit;
	}

	/**
	 * Protect dashboard page (logged-in providers only)
	 */
	public static function protect_dashboard() {
		// Get dashboard page ID
		$dashboard_page_id = get_option( 'ddhh_jm_dashboard_page_id' );
		if ( ! $dashboard_page_id ) {
			return; // Dashboard page not created yet
		}

		// Check if current page is dashboard page
		if ( ! is_page( $dashboard_page_id ) ) {
			return; // Not dashboard page
		}

		// Check if user is logged in
		if ( ! is_user_logged_in() ) {
			// Get login page URL
			$login_page_id = get_option( 'ddhh_jm_login_page_id' );
			if ( $login_page_id ) {
				$login_url = get_permalink( $login_page_id );
				if ( $login_url ) {
					wp_redirect( $login_url );
					exit;
				}
			}

			// Fallback to WordPress login
			wp_redirect( wp_login_url( get_permalink( $dashboard_page_id ) ) );
			exit;
		}

		// Check if user has ddhh_provider role
		$user = wp_get_current_user();
		if ( ! in_array( 'ddhh_provider', (array) $user->roles, true ) ) {
			// User is logged in but not a provider
			$login_page_id = get_option( 'ddhh_jm_login_page_id' );
			if ( $login_page_id ) {
				$login_url = get_permalink( $login_page_id );
				if ( $login_url ) {
					wp_redirect( $login_url );
					exit;
				}
			}

			// Fallback to WordPress login
			wp_redirect( wp_login_url( get_permalink( $dashboard_page_id ) ) );
			exit;
		}
	}
}