<?php
declare(strict_types=1);

namespace Unsupervised\Schedular\Payment;

use Unsupervised\Schedular\Auth\RoleManager;

class StudioSettings {

	public const OPT_PUBLISHABLE     = 'us_stripe_publishable_key';
	public const OPT_SECRET          = 'us_stripe_secret_key';
	public const OPT_MODE            = 'us_stripe_mode';
	public const OPT_CURRENCY        = 'us_currency';
	public const OPT_ETRANSFER_EMAIL = 'us_etransfer_email';
	public const OPT_HST_RATE        = 'us_hst_rate';

	public function publishableKey(): string {
		return (string) get_option( self::OPT_PUBLISHABLE, '' );
	}

	public function secretKey(): string {
		return (string) get_option( self::OPT_SECRET, '' );
	}

	public function mode(): string {
		return 'live' === get_option( self::OPT_MODE, 'test' ) ? 'live' : 'test';
	}

	public function currency(): string {
		$currency = (string) get_option( self::OPT_CURRENCY, 'CAD' );

		return '' !== $currency ? strtoupper( $currency ) : 'CAD';
	}

	/**
	 * The studio-default e-transfer destination email (used when an offering has
	 * no override).
	 */
	public function etransferEmail(): string {
		return (string) get_option( self::OPT_ETRANSFER_EMAIL, '' );
	}

	/**
	 * Default HST/tax rate as a percentage (e.g. 13.0). 0 means no tax.
	 */
	public function hstRate(): float {
		return max( 0.0, (float) get_option( self::OPT_HST_RATE, 0 ) );
	}

	/**
	 * Whether Stripe is configured. When false the platform falls back to
	 * e-transfer billing and card processing is unavailable.
	 */
	public function isStripeConfigured(): bool {
		return '' !== $this->publishableKey() && '' !== $this->secretKey();
	}

	public function renderPage(): void {
		if ( ! current_user_can( RoleManager::CAP_MANAGE_BILLING ) ) {
			wp_die( esc_html__( 'You do not have permission to manage billing settings.', 'unsupervised-schedular' ) );
		}

		if ( isset( $_POST['usc_action'] ) && check_admin_referer( 'usc_settings_action' ) ) {
			$this->save();
		}

		$publishableKey   = $this->publishableKey();
		$secretKey        = $this->secretKey();
		$mode             = $this->mode();
		$currency         = $this->currency();
		$etransferEmail   = $this->etransferEmail();
		$hstRate          = $this->hstRate();
		$stripeConfigured = $this->isStripeConfigured();

		include USC_PLUGIN_DIR . 'templates/admin/settings.php';
	}

	private function save(): void {
		// Nonce is verified by the caller (renderPage) before this method runs.
		// phpcs:disable WordPress.Security.NonceVerification.Missing
		$mode = sanitize_key( wp_unslash( $_POST['mode'] ?? 'test' ) );
		update_option( self::OPT_PUBLISHABLE, sanitize_text_field( wp_unslash( $_POST['publishable_key'] ?? '' ) ) );
		update_option( self::OPT_SECRET, sanitize_text_field( wp_unslash( $_POST['secret_key'] ?? '' ) ) );
		update_option( self::OPT_MODE, 'live' === $mode ? 'live' : 'test' );
		update_option( self::OPT_CURRENCY, strtoupper( sanitize_text_field( wp_unslash( $_POST['currency'] ?? 'CAD' ) ) ) );
		update_option( self::OPT_ETRANSFER_EMAIL, sanitize_email( wp_unslash( $_POST['etransfer_email'] ?? '' ) ) );
		$hstRate = isset( $_POST['hst_rate'] ) ? (float) $_POST['hst_rate'] : 0.0;
		update_option( self::OPT_HST_RATE, max( 0.0, $hstRate ) );
		// phpcs:enable WordPress.Security.NonceVerification.Missing
	}
}