@doc """

  Deliver an invitation to join an organization to an email.

  """

  def deliver_organization_invitation(invitation, url) do

    deliver(invitation.email, "You've been invited to join #{invitation.organization.name}", """

    ==============================

    Hi #{invitation.email},

    You have been invited to join #{invitation.organization.name}'s organization.

    You can join by visiting the URL below:

    #{url}

    ==============================

    """)

  end

  import Ecto.Query

  alias MyApp.Organizations.Invitation

  ## Invitations

  def get_invitation!(invitation_id, organization) do

    Invitation

    |> Invitation.organization_query(organization)

    |> Repo.get!(invitation_id)

  end

  def get_invitation_by_token(token) do

    {:ok, query} = Invitation.verify_token_query(token)

    Repo.one(query)

  end

  def get_invitation_by_token!(token) do

    {:ok, query} = Invitation.verify_token_query(token)

    Repo.one!(query)

  end

  def list_invitations(organization) do

    Invitation

    |> Invitation.organization_query(organization)

    |> order_by(desc: :inserted_at)

    |> Repo.all()

  end

  def delete_invitation(invitation) do

    Repo.delete(invitation)

  end

  def accept_invitation(user, token, organization_url_fun)

      when is_function(organization_url_fun, 1) do

    Repo.transaction(fn ->

      invitation = get_invitation_by_token!(token)

      opts = [

        organization_url: organization_url_fun.(invitation.organization)

      ]

      with {:ok, invitation} <- delete_invitation(invitation),

           {:ok, multi} <- add_user(invitation.organization, user, [role: :member], opts) do

        multi

      else

        {:error, reason} -> Repo.rollback(reason)

      end

    end)

  end

  def send_invitations_to_all(emails, organization, accept_invitation_url_fun)

      when emails != [] do

    Enum.reduce_while(emails, :ok, fn email, :ok ->

      case send_invitation(email, organization, accept_invitation_url_fun) do

        {:ok, _invitation} -> {:cont, :ok}

        {:error, _reason} = error -> {:halt, error}

      end

    end)

  end

  def send_invitation(email, organization, accept_invitation_url_fun)

      when is_function(accept_invitation_url_fun, 1) do

    Repo.transaction(fn ->

      with {:ok, encoded_token, invitation} <- Invitation.build(organization, email: email),

           {:ok, invitation} <- Repo.insert(invitation),

           {:ok, _email} <-

             UserNotifier.deliver_organization_invitation(

               invitation,

               accept_invitation_url_fun.(encoded_token)

             ) do

        {:ok, invitation}

      else

        {:error, reason} -> Repo.rollback(reason)

      end

    end)

  end

defmodule MyApp.Organizations.Invitation do

  use Ecto.Schema

  import Ecto.Changeset

  import Ecto.Query

  alias MyApp.Organizations

  @hash_algorithm :sha256

  @rand_size 32

  @expiration_in_days 3

  @primary_key {:id, :binary_id, autogenerate: true}

  @foreign_key_type :binary_id

  schema "organizations_invitations" do

    field :email, :string

    field :token, :binary

    belongs_to :organization, Organizations.Organization

    timestamps(updated_at: false)

  end

  def build(organization, attrs) do

    token = :crypto.strong_rand_bytes(@rand_size)

    hashed_token = :crypto.hash(@hash_algorithm, token)

    changeset =

      %__MODULE__{}

      |> Map.merge(%{organization: organization, token: hashed_token})

      |> email_changeset(Map.new(attrs))

    with {:ok, invitation} <- apply_action(changeset, :validate) do

      {:ok, Base.url_encode64(token, padding: false), invitation}

    end

  end

  ## Changesets

  def email_changeset(invitation, attrs) do

    invitation

    |> cast(attrs, [:email])

    |> validate_required([:email])

    |> validate_format(:email, ~r/@/)

  end

  ## Queries

  def verify_token_query(token) do

    case Base.url_decode64(token, padding: false) do

      {:ok, decoded_token} ->

        hashed_token = :crypto.hash(@hash_algorithm, decoded_token)

        query =

          from invitation in __MODULE__,

            where: invitation.token == ^hashed_token,

            where: invitation.inserted_at > ago(^@expiration_in_days, "day"),

            preload: :organization

        {:ok, query}

      :error ->

        :error

    end

  end

  def organization_query(query, organization) do

    from invitation in query,

      where: [organization_id: ^organization.id]

  end

  ## View

  def expired?(invitation) do

    NaiveDateTime.before?(expiration_date_time(invitation), NaiveDateTime.utc_now())

  end

  def expiration(invitation) do

    Calendar.strftime(expiration_date_time(invitation), "%B %-d, %Y")

  end

  def expiration_date_time(invitation) do

    NaiveDateTime.shift(invitation.inserted_at, Duration.new!(day: @expiration_in_days))

  end

end

defmodule MyAppWeb.Organization.InvitationController do

  use MyAppWeb, :controller

  alias MyApp.Organizations

  def show(conn, %{"token" => token}) do

    current_user = conn.assigns.current_user

    invitation = Organizations.get_invitation_by_token(token)

    cond do

      invitation == nil ->

        conn

        |> put_flash(:error, "Invitation is invalid or has expired.")

        |> redirect(to: ~p"/users/register")

      current_user == nil ->

        conn

        |> put_session(:user_return_to, ~p"/invitations/accept/#{token}")

        |> redirect(to: ~p"/users/register")

      Organizations.get_user(current_user.id, invitation.organization) ->

        conn

        |> put_flash(:info, "You are already a member of #{invitation.organization.name}.")

        |> redirect(to: ~p"/#{invitation.organization}")

      true ->

        render(conn, :accept, token: token, invitation: invitation)

    end

  end

  def accept(conn, %{"token" => token}) do

    {:ok, %{organization: organization}} =

      Organizations.accept_invitation(conn.assigns.current_user, token, &url(~p"/#{&1}"))

    conn

    |> put_flash(:info, "You are now a member of #{organization.name}.")

    |> redirect(to: ~p"/#{organization}")

  end

end

defmodule MyAppWeb.Organization.InvitationHTML do

  use MyAppWeb, :html

  embed_templates "invitation_html/*"

end

<.header>

  You're invited to join {@invitation.organization.name}

  <:subtitle>

    Click below to accept the invitation with your current user account.

  </:subtitle>

</.header>

<.form for={%{}} class="mt-10" method="post" action={~p"/invitations/accept"}>

  <input type="hidden" name="token" value={@token} />

  <.button type="submit">

    Accept invitation

  </.button>

</.form>

defmodule MyAppWeb.OrganizationLive.AddMembersComponent do

  use MyAppWeb, :live_component

  import MyAppWeb.OrganizationLive.AddMembersForm.Components

  alias MyApp.Organizations

  alias MyAppWeb.OrganizationLive.AddMembersForm

  def render(assigns) do

    ~H"""

    <div>

      <.header>

        Add members

      </.header>

      <.form class="mt-6" for={@form} phx-change="validate" phx-submit="save" phx-target={@myself}>

        <.inputs_for :let={f} field={@form[:invitations]}>

          <.drop_field_wrapper form={@form} drop_param={:invitations_drop} drop_index={f.index}>

            <.input field={f[:email]} type="email" autocomplete="off" placeholder="Enter an email..." />

          </.drop_field_wrapper>

        </.inputs_for>

        <.add_field_button class="mt-3" form={@form} sort_param={:invitations_sort} />

        <.button class="mt-6" type="submit">

          Invite all

        </.button>

      </.form>

    </div>

    """

  end

  def mount(socket) do

    changeset = AddMembersForm.changeset(AddMembersForm.new(3), %{})

    {:ok, assign(socket, :form, to_form(changeset))}

  end

  def handle_event("validate", %{"add_members_form" => params}, socket) do

    changeset = AddMembersForm.validate(params)

    {:noreply, assign(socket, :form, to_form(changeset))}

  end

  def handle_event("save", %{"add_members_form" => params}, socket) do

    organization = socket.assigns.organization

    url_fun = &url(~p"/invitations/accept/#{&1}")

    with {:ok, emails} <- AddMembersForm.submit(params),

         :ok <- Organizations.send_invitations_to_all(emails, organization, url_fun) do

      {:noreply,

       socket

       |> put_flash(:info, "Sent invitations to #{length(emails)} email(s).")

       |> push_patch(to: ~p"/#{organization}/members")}

    else

      {:error, %Ecto.Changeset{} = changeset} ->

        {:noreply, assign(socket, :form, to_form(changeset))}

      {:error, _reason} ->

        {:noreply,

         socket

         |> put_flash(:error, "Failed to send invitation email(s).")

         |> push_patch(to: ~p"/#{organization}/members/add")}

    end

  end

end

defmodule MyAppWeb.OrganizationLive.AddMembersForm do

  use Ecto.Schema

  import Ecto.Changeset

  embedded_schema do

    embeds_many :invitations, Invitation do

      field :email, :string

    end

  end

  def new(count) do

    %__MODULE__{

      invitations: for(_ <- 1..count, do: %__MODULE__.Invitation{})

    }

  end

  def validate(params) do

    %__MODULE__{}

    |> changeset(params)

    |> Map.put(:action, :validate)

  end

  def submit(params) do

    handle_result = fn form ->

      form.invitations

      |> Enum.map(& &1.email)

      |> Enum.reject(&is_nil/1)

    end

    %__MODULE__{}

    |> changeset(params)

    |> apply_action(:insert)

    |> case do

      {:ok, form} -> {:ok, handle_result.(form)}

      {:error, _changeset} = reason -> reason

    end

  end

  def changeset(form, attrs) do

    form

    |> cast(attrs, [])

    |> cast_embed(:invitations,

      required: true,

      with: &invitation_changeset/2,

      sort_param: :invitations_sort,

      drop_param: :invitations_drop

    )

  end

  def invitation_changeset(invitation, attrs) do

    invitation

    |> cast(attrs, [:email])

    |> validate_format(:email, ~r/@/)

  end

  defmodule Components do

    use MyAppWeb, :html

    attr :form, Phoenix.HTML.Form, required: true

    attr :drop_param, :atom, required: true

    attr :drop_index, :integer, required: true

    slot :inner_block, required: true

    def drop_field_wrapper(assigns) do

      ~H"""

      <div class="flex items-end">

        <div class="flex-1">

          {render_slot(@inner_block)}

        </div>

        <div class="size-10 mb-px flex items-center justify-center">

          <label

            :if={@drop_index > 0}

            class="size-6 bg-zinc-100 rounded flex items-center justify-center"

          >

            <input

              type="checkbox"

              class="hidden"

              name={Phoenix.HTML.Form.input_name(@form, @drop_param) <> "[]"}

              value={@drop_index}

            /> <.icon name="hero-minus-mini" class="size-3" />

          </label>

        </div>

      </div>

      """

    end

    attr :form, Phoenix.HTML.Form, required: true

    attr :sort_param, :atom, required: true

    attr :class, :string, default: nil

    def add_field_button(assigns) do

      ~H"""

      <label class={[@class, "size-6 bg-zinc-100 rounded flex items-center justify-center"]}>

        <input

          type="checkbox"

          class="hidden"

          name={Phoenix.HTML.Form.input_name(@form, @sort_param) <> "[]"}

        />

        <.icon name="hero-plus-mini" class="size-3" />

      </label>

      """

    end

  end

end

  alias MyAppWeb.OrganizationLive.AddMembersComponent

    <div class="mt-10">

      <.header>

        Invitations

      </.header>

      <.table id="organization_invitations_table" rows={@streams.invitations}>

        <:col :let={{_id, invitation}} label="Email">

          {invitation.email}

        </:col>

        <:col :let={{_id, invitation}} label="Expires">

          <%= if Organizations.Invitation.expired?(invitation) do %>

            <span class="text-red-500">

              Expired on {Organizations.Invitation.expiration(invitation)}

            </span>

          <% else %>

            <span>{Organizations.Invitation.expiration(invitation)}</span>

          <% end %>

        </:col>

        <:action :let={{id, invitation}} :if={@organization.user_role == :owner}>

          <.link

            phx-click={JS.hide(to: id) |> JS.push("delete_invitation", value: %{id: invitation.id})}

            data-confirm="Are you sure you want to delete this invitation?"

          >

            Delete

          </.link>

        </:action>

      </.table>

    </div>

      id="add_members_modal"

        id="add_members_form"

        module={AddMembersComponent}

    invitations = Organizations.list_invitations(socket.assigns.organization)

     |> stream(:invitations, invitations, reset: true)

    assign(socket, :page_title, "Add members")

  def handle_event("delete_invitation", %{"id" => invitation_id}, socket) do

    {:ok, invitation} =

      invitation_id

      |> Organizations.get_invitation!(socket.assigns.organization)

      |> Organizations.delete_invitation()

    {:noreply, stream_delete(socket, :invitations, invitation)}

  end

    get "/invitations/accept/:token", Organization.InvitationController, :show

      post "/invitations/accept", Organization.InvitationController, :accept

defmodule MyApp.Repo.Migrations.AddOrganizationsInvitations do

  use Ecto.Migration

  def change do

    create table(:organizations_invitations, primary_key: false) do

      add :id, :binary_id, primary_key: true

      add :email, :string, null: false

      add :token, :binary, null: false

      add :organization_id, references(:organizations, type: :binary_id, on_delete: :delete_all),

        primary_key: true

      timestamps(updated_at: false)

    end

    create unique_index(:organizations_invitations, [:token])

    create index(:organizations_invitations, [:organization_id])

  end

end