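# Account record for a person using the application, in one of three roles
# (user, operator, admin). Sign-up is limited to hs-rm.de and student.hs-rm.de
# addresses by the email format validation below.
class User < ApplicationRecord
  has_secure_password

  # A user can be attached to a Job as its customer or as its operator.
  # "costumer" is the spelling used by the foreign key and association name.
  has_many :jobs_as_costumer, foreign_key: :costumer_id, class_name: "Job"
  has_many :jobs_as_operator, foreign_key: :operator_id, class_name: "Job"

  # The token is bound to the current email, so it stops being valid as soon
  # as the address changes.
  generates_token_for :email_verification, expires_in: 2.days do
    email
  end

  # The token is bound to the tail of the password salt, so it stops being
  # valid once the password (and therefore the salt) changes.
  generates_token_for :password_reset, expires_in: 20.minutes do
    password_salt.last(10)
  end

  has_many :sessions, dependent: :destroy

  # validates :email, presence: true, uniqueness: true, format: { with: URI::MailTo::EMAIL_REGEXP }

  # The pattern must be anchored at both ends with \A and \z. A leading \b only
  # asks for a word boundary, which let arbitrary text precede an address that
  # ends in an allowed domain (for example a second address followed by a comma
  # or space) and still pass the domain restriction.
  validates :email, presence: true, uniqueness: true, format: {
    with: /\A[A-Z0-9._%a-z\-]+@(student\.|)hs\-rm\.de\z/,
    message: "must be a student.hs-rm.de or hs-rm.de email"
  }

  # allow_nil lets records be updated without re-entering the password.
  validates :password, allow_nil: true, length: { minimum: 12 }
  # validates :password, not_pwned: { message: "might easily be guessed" }

  validates_presence_of :firstname, :lastname

  # Normalisation runs on assignment, i.e. before the validations above.
  normalizes :email, with: -> { _1.strip.downcase }

  AVAILABLE_ROLES = [ :user, :operator, :admin ]
  enum :role, { user: "user", operator: "operator", admin: "admin" }

  # A changed address has not been confirmed yet, so the verified flag is
  # cleared whenever the email is modified on an existing record.
  before_validation if: :email_changed?, on: :update do
    self.verified = false
  end

  # After a password change every other session of this user is removed;
  # only the session that performed the change (Current.session) is kept.
  after_update if: :password_digest_previously_changed? do
    sessions.where.not(id: Current.session).delete_all
  end

  # @return [String] first and last name separated by a single space
  def name
    "#{firstname} #{lastname}"
  end

  # Allowlist of attributes Ransack may search and sort on. password_digest is
  # not listed and must stay out of this list.
  # NOTE(review): auth_object is ignored, so email, role and verified are
  # searchable for every caller - confirm that only privileged controllers
  # run Ransack queries against User.
  #
  # @param auth_object [Object, nil] unused
  # @return [Array<String>]
  def self.ransackable_attributes(auth_object = nil)
    [
      "created_at", "email", "firstname", "id",
      "jobs_as_costumer_count", "jobs_as_operator_count",
      "lastname", "role", "verified", "name"
    ]
  end

  # No association is exposed to Ransack, so searches cannot traverse into
  # sessions or jobs through this model.
  #
  # @param auth_object [Object, nil] unused
  # @return [Array<String>]
  def self.ransackable_associations(auth_object = nil)
    []
  end

  # Virtual "name" attribute for Ransack. The SQL fragment is a fixed string
  # with no interpolated input.
  ransacker :name do
    Arel.sql("CONCAT_WS(' ', users.firstname, users.lastname)")
  end
end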