jbarnette (owner)

Description:
An intercession.
application_controller.rb #
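# Base controller. Every request runs the filter chain below, in declaration
# order, before any action is invoked. A filter that redirects ends the
# request there, so later filters and the action do not run.
#
# Because the filters are declared on the base class, the posture is
# default-deny: a controller that inherits from ApplicationController requires
# an authenticated admin on the skin's own subdomain unless it explicitly opts
# out (e.g. with skip_before_filter). Review every such opt-out as an
# access-control decision.
class ApplicationController < ActionController::Base
  include Intercession

  before_filter :load_skin
  before_filter :require_user
  before_filter :require_matching_skin
  before_filter :require_admin

  # Filter methods are not actions. Public controller methods can be reached
  # as actions whenever a route maps to them, so the filters are kept
  # protected; before_filter still invokes them.
  protected

  # Resolves the skin for the current request and attaches it to the session
  # object. Runs first because require_matching_skin depends on it.
  def load_skin
    session.skin = Skin.for_request(request)
  end

  # Sends anonymous visitors to the login form, remembering where they were
  # headed so they can be returned there after signing in.
  def require_user
    return if session.authenticated?

    session.bookmark(request)
    redirect_to(new_session_path)
  end

  # Redirects to the skin's own host when the request arrived on a subdomain
  # the skin does not claim.
  #
  # NOTE(review): request.subdomains is derived from the client-supplied Host
  # header. Confirm that Skin#host comes from stored configuration rather than
  # from the request, so this redirect cannot reflect client-controlled input.
  def require_matching_skin
    return if session.skin.subdomain?(request.subdomains.first)

    redirect_to(:host => session.skin.host)
  end

  # Rejects sessions without an administrative user. Authenticated non-admins
  # are sent to the login form as well, with no bookmark recorded.
  def require_admin
    redirect_to(new_session_path) unless session.admin?
  end
end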
session.rb #
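module Transient

  # This module gets mixed in to the Rails session, and lets us
  # treat the session more like a real object. Note that not all attributes
  # of the session are necessarily session-scoped: some, like skin, are
  # set by before_filters on every request. See ApplicationController for
  # those. Note that while most things this module is mixed in to are
  # Hashlike, they vary in capabilities. Safest to assume that the index[]
  # op is the only thing that's available.

  module Session
    # Held in an instance variable only; never written into the session store.
    attr_accessor :skin

    # Clears the authenticated user from the session, for use on logout.
    #
    # NOTE(review): only the user is cleared. The :bookmark and :tracks
    # entries are left in place, and the session id is not rotated here. If
    # either should not survive logout, the calling controller has to clear
    # them or reset the session itself.

    def sanitize
      self.user = nil
    end

    # When called with a destination, (example: session.bookmark(request))
    # stores the bookmarked destination in the session for later use. When
    # called as an accessor, (example: redirect_to session.bookmark) returns
    # and clears any bookmarked destination. Knows how to deal with requests,
    # strings, and url_for-style hashes.
    #
    # Objects that respond to request_uri are reduced to that value; strings
    # and hashes are stored exactly as given. Since the stored value is later
    # handed to redirect_to, callers should not pass client-supplied strings
    # (a return-to parameter, for instance) without first checking that they
    # point back at this site.

    def bookmark(dest=nil)
      if dest.nil? || dest == false
        # Accessor form: hand back the stored destination exactly once.
        stored = self[:bookmark]
        self[:bookmark] = nil
        return stored
      end

      dest = dest.request_uri if dest.respond_to?(:request_uri)
      self[:bookmark] = dest
    end

    # Does this session currently have a bookmark? Returns the stored value
    # itself (truthy) or nil, not a strict boolean.

    def bookmarked?
      self[:bookmark]
    end

    # Returns the authenticated user for this session, or nil.
    #
    # The lookup uses find_by_id, so a session whose user_id no longer matches
    # a record (the account was deleted, say) is treated as anonymous instead
    # of raising on every request made with that session.

    def user
      return unless self[:user_id]

      @user ||= User.find_by_id(self[:user_id])
    end

    # Sets the authenticated user for this session. Set to nil to clear the
    # session's user, though you're probably better off calling sanitize.
    #
    # NOTE(review): assigning a user does not change the session id. To guard
    # against session fixation, the login action should start a fresh session
    # (reset_session in the controller) before calling this.

    def user=(user)
      if user
        self[:user_id] = user.id
        @user = user
      else
        self[:user_id] = @user = nil
      end
    end

    # Acts as a simple track clipboard. track IDs get persisted in the session
    # down in before_save if necessary. The ids read back from the session are
    # bound through the ? placeholder, not interpolated into the SQL.

    def tracks
      @tracks ||= Track.find(:all,
        :conditions => ["id in (?)", self[:tracks] || []], :order => :title)
    end

    # This session doesn't have an authenticated user, right?

    def anonymous?
      !user
    end

    # This session has an authenticated user, right?

    def authenticated?
      !anonymous?
    end

    # Is there a logged-in, administrative user?

    def admin?
      authenticated? && user.admin?
    end

    # Meant to run just before the session is persisted (the original note
    # says an after_filter calls it; that hook is not part of this listing).
    # A good opportunity to turn heavy lists of stuff into IDs, etc. Only
    # touches :tracks when the clipboard was actually loaded.

    def before_save
      self[:tracks] = @tracks.map(&:id) if @tracks
    end
  end
end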