class ZoomNotificationsController < ApplicationController
  skip_before_action :require_login
  skip_after_action :verify_authorized
  skip_after_action :verify_policy_scoped
  skip_before_action :verify_authenticity_token

  before_action :authorize_zoom
  before_action :set_zoom_meeting, only: [:create], if: :meeting_event?

  def create
    case notification_event
    when 'meeting.started'
      @zoom_meeting.started!
    when 'meeting.ended'
      @zoom_meeting.ended!
    when 'recording.completed'
      recording = notification.dig(:payload, :object, :recording_files).first
      AttachRecordingToZoomMeetingJob.perform_later(@zoom_meeting, recording, notification['download_token'])
    when 'user.deleted'
      zoom_user = ZoomUser.find_by(api_id: notification.dig(:payload, :object, :id))
      if zoom_user.present?
        zoom_user.api_id = nil
        zoom_user.destroy
      end
    else
      Rails.logger.info notification_event
      Rails.logger.info notification
    end

    head :ok
  end

  private

  def notification
    params.to_unsafe_h
  end

  def notification_event
    notification.dig(:event)
  end

  def notification_meeting_id
    notification.dig(:payload, :object, :id)
  end

  def notification_host_id
    notification.dig(:payload, :object, :host_id)
  end

  def meeting_event?
    notification_event.split(".").first.to_s.in? %w(meeting recording)
  end

  def set_zoom_meeting
    @zoom_meeting = ZoomMeeting.find_by!(api_meeting_id: notification_meeting_id)
  end

  def authorize_zoom
    if request.headers['Authorization'] != ENV['ZOOM_VERIFICATION_TOKEN']
      head :forbidden
    end
  end

end