/*
 *  Copyright 2015 Anyware Services
 *
 *  Licensed under the Apache License, Version 2.0 (the "License");
 *  you may not use this file except in compliance with the License.
 *  You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 */
package org.ametys.plugins.linkdirectory;

import java.text.Normalizer;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.regex.Pattern;

import org.apache.avalon.framework.component.Component;
import org.apache.avalon.framework.context.Context;
import org.apache.avalon.framework.context.ContextException;
import org.apache.avalon.framework.context.Contextualizable;
import org.apache.avalon.framework.service.ServiceException;
import org.apache.avalon.framework.service.ServiceManager;
import org.apache.avalon.framework.service.Serviceable;
import org.apache.cocoon.components.ContextHelper;
import org.apache.cocoon.environment.Request;
import org.apache.cocoon.xml.AttributesImpl;
import org.apache.cocoon.xml.XMLUtils;
import org.apache.commons.collections.IteratorUtils;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.jackrabbit.util.ISO9075;
import org.xml.sax.ContentHandler;
import org.xml.sax.SAXException;

import org.ametys.core.group.Group;
import org.ametys.core.group.GroupIdentity;
import org.ametys.core.group.GroupManager;
import org.ametys.core.user.CurrentUserProvider;
import org.ametys.core.user.User;
import org.ametys.core.user.UserIdentity;
import org.ametys.core.user.UserManager;
import org.ametys.core.userpref.UserPreferencesException;
import org.ametys.core.userpref.UserPreferencesManager;
import org.ametys.plugins.explorer.resources.Resource;
import org.ametys.plugins.linkdirectory.Link.LinkType;
import org.ametys.plugins.linkdirectory.dynamic.DynamicInformationProviderExtensionPoint;
import org.ametys.plugins.linkdirectory.repository.DefaultLink;
import org.ametys.plugins.linkdirectory.repository.DefaultLinkFactory;
import org.ametys.plugins.linkdirectory.repository.DefaultTheme;
import org.ametys.plugins.linkdirectory.repository.DefaultThemeFactory;
import org.ametys.plugins.linkdirectory.theme.ThemeExpression;
import org.ametys.plugins.repository.AmetysObject;
import org.ametys.plugins.repository.AmetysObjectIterable;
import org.ametys.plugins.repository.AmetysObjectResolver;
import org.ametys.plugins.repository.AmetysRepositoryException;
import org.ametys.plugins.repository.ModifiableTraversableAmetysObject;
import org.ametys.plugins.repository.TraversableAmetysObject;
import org.ametys.plugins.repository.UnknownAmetysObjectException;
import org.ametys.plugins.repository.metadata.BinaryMetadata;
import org.ametys.plugins.repository.query.expression.Expression;
import org.ametys.runtime.plugin.component.AbstractLogEnabled;
import org.ametys.web.repository.page.Page;
import org.ametys.web.repository.site.Site;
import org.ametys.web.repository.site.SiteManager;
import org.ametys.web.site.SiteConfigurationExtensionPoint;
import org.ametys.web.userpref.FOUserPreferencesConstants;

/**
 * Link directory helper.
 */
public final class DirectoryHelper extends AbstractLogEnabled implements Component, Serviceable, Contextualizable
{
    /** The component role */
    public static final String ROLE = DirectoryHelper.class.getName();

    private static final String __PLUGIN_NODE_NAME = "linkdirectory";
    
    private static final String __LINKS_NODE_NAME = "ametys:directoryLinks";
    
    private static final String __THEMES_NODE_NAME = "ametys:themes";
    
    private static final String __USER_LINKS_NODE_NAME = "user-favorites";
    
    /** The Ametys object resolver */
    private AmetysObjectResolver _ametysObjectResolver;
    
    /** The users manager */
    private UserManager _userManager;

    /** The groups manager */
    private GroupManager _groupManager;
    
    /** The site manager */
    private SiteManager _siteManager;
    
    /** The user preferences manager */
    private UserPreferencesManager _userPreferencesManager;
    
    /** The current user provider */
    private CurrentUserProvider _currentUserProvider;
    
    /** The site configuration extension point */
    private SiteConfigurationExtensionPoint _siteConfiguration;

    /** The context */
    private Context _context;

    private DynamicInformationProviderExtensionPoint _dynamicProviderEP;
    
    @Override
    public void service(ServiceManager manager) throws ServiceException
    {
        _ametysObjectResolver = (AmetysObjectResolver) manager.lookup(AmetysObjectResolver.ROLE);
        _userManager = (UserManager) manager.lookup(UserManager.ROLE);
        _groupManager = (GroupManager) manager.lookup(GroupManager.ROLE);
        _siteManager = (SiteManager) manager.lookup(SiteManager.ROLE);
        _userPreferencesManager = (UserPreferencesManager) manager.lookup(UserPreferencesManager.ROLE + ".FO");
        _currentUserProvider = (CurrentUserProvider) manager.lookup(CurrentUserProvider.ROLE);
        _siteConfiguration = (SiteConfigurationExtensionPoint) manager.lookup(SiteConfigurationExtensionPoint.ROLE);
        _dynamicProviderEP = (DynamicInformationProviderExtensionPoint) manager.lookup(DynamicInformationProviderExtensionPoint.ROLE);
    }
    
    @Override
    public void contextualize(Context context) throws ContextException
    {
        _context = context;
    }
    
    /**
     * Get the root plugin storage object.
     * @param site the site.
     * @return the root plugin storage object.
     * @throws AmetysRepositoryException if a repository error occurs.
     */
    public ModifiableTraversableAmetysObject getPluginNode(Site site) throws AmetysRepositoryException
    {
        try
        {
            ModifiableTraversableAmetysObject pluginsNode = site.getRootPlugins();
            
            return getOrCreateNode(pluginsNode, __PLUGIN_NODE_NAME, "ametys:unstructured");
        }
        catch (AmetysRepositoryException e)
        {
            throw new AmetysRepositoryException("Error getting the link directory plugin node for site " + site.getName(), e);
        }
    }
    
    /**
     * Get the links root node.
     * @param site the site
     * @param language the language.
     * @return the links root node.
     * @throws AmetysRepositoryException if a repository error occurs.
     */
    public ModifiableTraversableAmetysObject getLinksNode(Site site, String language) throws AmetysRepositoryException
    {
        try
        {
            // Get the root plugin node.
            ModifiableTraversableAmetysObject pluginNode = getPluginNode(site);
            
            // Get or create the language node.
            ModifiableTraversableAmetysObject langNode = getOrCreateNode(pluginNode, language, "ametys:unstructured");
            
            // Get or create the definitions container node in the language node and return it.
            return getOrCreateNode(langNode, __LINKS_NODE_NAME, DefaultLinkFactory.LINK_ROOT_NODE_TYPE);
        }
        catch (AmetysRepositoryException e)
        {
            throw new AmetysRepositoryException("Error getting the link directory root node for site " + site.getName() + " and language " + language, e);
        }
    }
    
    /**
     * Get the links root node for the given user.
     * @param site the site
     * @param language the language.
     * @param user The user identity
     * @return the links root node for the given user.
     * @throws AmetysRepositoryException if a repository error occurs.
     */
    public ModifiableTraversableAmetysObject getLinksForUserNode(Site site, String language, UserIdentity user) throws AmetysRepositoryException
    {
        try
        {
            // Get the root plugin node.
            ModifiableTraversableAmetysObject pluginNode = getPluginNode(site);
            
            // Get or create the user links node.
            ModifiableTraversableAmetysObject userLinksNode = getOrCreateNode(pluginNode, __USER_LINKS_NODE_NAME, "ametys:unstructured");
            // Get or create the population node.
            ModifiableTraversableAmetysObject populationNode = getOrCreateNode(userLinksNode, user.getPopulationId(), "ametys:unstructured");
            // Get or create the login node.
            ModifiableTraversableAmetysObject loginNode = getOrCreateNode(populationNode, user.getLogin(), "ametys:unstructured");
            // Get or create the language node.
            ModifiableTraversableAmetysObject langNode = getOrCreateNode(loginNode, language, "ametys:unstructured");
            
            // Get or create the definitions container node in the language node and return it.
            return getOrCreateNode(langNode, __LINKS_NODE_NAME, DefaultLinkFactory.LINK_ROOT_NODE_TYPE);
        }
        catch (AmetysRepositoryException e)
        {
            throw new AmetysRepositoryException("Error getting the link directory root node for user " + user + " and for site " + site.getName() + " and language " + language, e);
        }
    }

    /**
     * Get the themes storage node.
     * @param site the site
     * @param language the language.
     * @return the themes storage node.
     * @throws AmetysRepositoryException if a repository error occurs.
     */
    public ModifiableTraversableAmetysObject getThemesNode(Site site, String language) throws AmetysRepositoryException
    {
        try
        {
            // Get the root plugin node.
            ModifiableTraversableAmetysObject pluginNode = getPluginNode(site);
            
            // Get or create the language node.
            ModifiableTraversableAmetysObject langNode = getOrCreateNode(pluginNode, language, "ametys:unstructured");
            
            // Get or create the definitions container node in the language node and return it.
            return getOrCreateNode(langNode, __THEMES_NODE_NAME, DefaultThemeFactory.THEME_ROOT_NODE_TYPE);
        }
        catch (AmetysRepositoryException e)
        {
            throw new AmetysRepositoryException("Error getting the themes node for site " + site.getName() + " and language " + language, e);
        }
    }
    
    /**
     * Get the plugin node path
     * @param siteName the site name.
     * @return the plugin node path.
     */
    public String getPluginNodePath(String siteName)
    {
        return String.format("//element(%s, ametys:site)/ametys-internal:plugins/%s", siteName, __PLUGIN_NODE_NAME);
    }
    
    /**
     * Get the links root node path
     * @param siteName the site name.
     * @param language the language
     * @return the links root node path.
     */
    public String getLinksNodePath(String siteName, String language)
    {
        return getPluginNodePath(siteName) + "/"  + language + "/" + __LINKS_NODE_NAME;
    }
    
    /**
     * Get the links root node path for the given user 
     * @param siteName the site name.
     * @param language the language
     * @param user The user identity
     * @return the links root node path for the given user.
     */
    public String getLinksForUserNodePath(String siteName, String language, UserIdentity user)
    {
        return getPluginNodePath(siteName) + "/" + __USER_LINKS_NODE_NAME + "/" + ISO9075.encode(user.getPopulationId()) + "/" + ISO9075.encode(user.getLogin()) + "/" + language + "/" + __LINKS_NODE_NAME;
    }
    
    /**
     * Get the themes node path
     * @param siteName the site name.
     * @param language the language
     * @return the themes node path.
     */
    public String getThemesNodePath(String siteName, String language)
    {
        return getPluginNodePath(siteName) + "/"  + language + "/" + __THEMES_NODE_NAME;
    }
    
    /**
     * Get all the links
     * @param siteName the site name.
     * @param language the language.
     * @return all the links' nodes
     */
    public String getAllLinksQuery(String siteName, String language)
    {
        return getLinksNodePath(siteName, language) + "/element(*, " + DefaultLinkFactory.LINK_NODE_TYPE + ")";
    }
    
    /**
     * Get the link query corresponding to the expression passed as a parameter
     * @param siteName the site name.
     * @param language the language.
     * @param expression the {@link Expression} of the links retrieval query
     * @return the link corresponding to the expression passed as a parameter
     */
    public String getLinksQuery(String siteName, String language, Expression expression)
    {
        return getLinksNodePath(siteName, language) + "/element(*, " + DefaultLinkFactory.LINK_NODE_TYPE + ")[" + expression.build() + "]";
    }
    
    /**
     * Get the theme query corresponding to the expression passed as a parameter
     * @param siteName the site name.
     * @param language the language.
     * @param expression the {@link Expression} of the theme retrieval query
     * @return the theme corresponding to the expression passed as a parameter
     */
    public String getThemeQuery(String siteName, String language, Expression expression)
    {
        return getThemesNodePath(siteName, language) + "/element(*, " + DefaultThemeFactory.THEME_NODE_TYPE + ")[" + expression.build() + "]";
    }
    
    /**
     * Get the query verifying the existence of an url
     * @param siteName the site name.
     * @param language the language.
     * @param url the url to test. 
     * @return the query verifying the existence of an url
     */
    public String getUrlExistsQuery(String siteName, String language, String url)
    {
        String lowerCaseUrl = StringUtils.replace(url, "'", "''").toLowerCase();
        return getLinksNodePath(siteName, language) + "/element(*, " + DefaultLinkFactory.LINK_NODE_TYPE + ")[fn:lower-case(@ametys-internal:url) = '" + lowerCaseUrl + "' or fn:lower-case(@ametys-internal:internal-url) = '" + lowerCaseUrl + "']";
    }
    
    /**
     * Get the query verifying the existence of an url for the given user
     * @param siteName the site name.
     * @param language the language.
     * @param url the url to test. 
     * @param user The user identity
     * @return the query verifying the existence of an url for the given user
     */
    public String getUrlExistsForUserQuery(String siteName, String language, String url, UserIdentity user)
    {
        String lowerCaseUrl = StringUtils.replace(url, "'", "''").toLowerCase();
        return getLinksForUserNodePath(siteName, language, user) + "/element(*, " + DefaultLinkFactory.LINK_NODE_TYPE + ")[fn:lower-case(@ametys-internal:url) = '" + lowerCaseUrl + "' or fn:lower-case(@ametys-internal:internal-url) = '" + lowerCaseUrl + "']";
    }
    
    /**
     * Get the query verifying the existence of a theme
     * @param siteName the site name.
     * @param language the language.
     * @param label the label of the theme to test. 
     * @return the query verifying the existence of a theme
     */
    public String getThemeExistsQuery(String siteName, String language, String label)
    {
        String lowerCaseLabel = StringUtils.replace(label, "'", "''").toLowerCase();
        return getThemesNodePath(siteName, language) + "/element(*, " + DefaultThemeFactory.THEME_NODE_TYPE + ")[fn:lower-case(@ametys-internal:label) = '" + lowerCaseLabel + "']";
    }
    
    /**
     * Normalizes an input string in order to capitalize it, remove accents, and replace whitespaces with underscores
     * @param s the string to normalize
     * @return the normalized string
     */
    public String normalizeString(String s)
    {
        // Strip accents
        String normalizedLabel = Normalizer.normalize(s.toUpperCase(), Normalizer.Form.NFD).replaceAll("[^\\p{ASCII}]", "");
        
        // Upper case
        String upperCaseLabel = normalizedLabel.replaceAll(" +", "_").replaceAll("[^\\w-]", "_").replaceAll("_+", "_").toUpperCase();
        
        return upperCaseLabel;
    }
    
    /**
     * Get links of a given site and language
     * @param siteName the site name
     * @param language the language
     * @return the links
     */
    public AmetysObjectIterable<DefaultLink> getLinks(String siteName, String language)
    {
        Site site = _siteManager.getSite(siteName);
        TraversableAmetysObject linksNode = getLinksNode(site, language);
        return linksNode.getChildren();
    }
    
    /**
     * Get the list of links corresponding to the given theme ids
     * @param themesIds the ids of the configured themes
     * @param user the current user
     * @param siteName the site's name
     * @param language the site's language
     * @return the list of default links corresponding to the given themes
     */
    public List<DefaultLink> getLinks(List<String> themesIds, UserIdentity user, String siteName, String language)
    {
        Site site = _siteManager.getSite(siteName);
        TraversableAmetysObject linksNode = getLinksNode(site, language);
        AmetysObjectIterable<AmetysObject> links = linksNode.getChildren();
        Iterator<AmetysObject> it = links.iterator();
        
        if (themesIds.isEmpty())
        {
            return IteratorUtils.toList(it);
        }
        else
        {
            List<DefaultLink> configuredThemeLinks = new ArrayList<> ();

            while (it.hasNext())
            {
                DefaultLink link = (DefaultLink) it.next();
                String[] linkThemes = link.getThemes();
                
                for (String themeId : themesIds)
                {
                    if (ArrayUtils.contains(linkThemes, themeId))
                    {
                        configuredThemeLinks.add(link);
                        break;
                    }
                }
            }
            
            return configuredThemeLinks;
        }
    }
    
    /**
     * Get links of a given site and language, for the given user
     * @param siteName the site name
     * @param language the language
     * @param user The user identity
     * @return the links for the given user
     */
    public AmetysObjectIterable<DefaultLink> getUserLinks(String siteName, String language, UserIdentity user)
    {
        Site site = _siteManager.getSite(siteName);
        TraversableAmetysObject linksNode = getLinksForUserNode(site, language, user);
        return linksNode.getChildren();
    }
    
    /**
     * Checks if the links displayed in a link directory service has access restrictions
     * @param siteName the name of the site
     * @param language the language
     * @param themesIds the list of selected theme ids
     * @return true if the links of the service have access restrictions, false otherwise
     */
    public boolean hasRestrictions(String siteName, String language, List<String> themesIds)
    {
        // No themes => we check all the links' access restrictions
        if (themesIds.isEmpty())   
        {
            String allLinksQuery = getAllLinksQuery(siteName, language);
            try (AmetysObjectIterable<AmetysObject> links = _ametysObjectResolver.query(allLinksQuery))
            {
                if (isAccessRestricted(links))
                {
                    return true;
                }
            }
            
            
        }
        // The service has themes specified => we solely check the corresponding links' access restrictions
        else
        {
            for (String themeId : themesIds)
            {
                String xPathQuery = getLinksQuery(siteName, language, new ThemeExpression(themeId));
                try (AmetysObjectIterable<AmetysObject> links = _ametysObjectResolver.query(xPathQuery))
                {
                    if (isAccessRestricted(links))
                    {
                        return true;
                    }
                }
            }
        }
        
        // All the tested links have no restricted access
        return false;
    }
    
    /**
     * Checks if the links displayed in a link directory service has internal link
     * @param siteName the name of the site
     * @param language the language
     * @param themesIds the list of selected theme ids
     * @return true if the links of the service has internal link, false otherwise
     */
    public boolean hasInternalUrl(String siteName, String language, List<String> themesIds)
    {
        String allowedIdParameter = _siteConfiguration.getValueAsString(siteName, "allowed-ip");
        if (StringUtils.isBlank(allowedIdParameter))
        {
            return false;
        }
        
        UserIdentity user = _currentUserProvider.getUser();
        
        List<DefaultLink> links = getLinks(themesIds, user, siteName, language);
        for (DefaultLink link : links)
        {
            if (StringUtils.isNotBlank(link.getInternalUrl()))
            {
                return true;
            }
        }
        
        return false;
    }
    
    /**
     * Check if the links' access is restricted or not
     * @param links the links to be tested
     * @return true if the link has a restricted access, false otherwise
     */
    public boolean isAccessRestricted(AmetysObjectIterable<AmetysObject> links)
    {
        Iterator<AmetysObject> it = links.iterator();
        
        while (it.hasNext())
        {
            DefaultLink link = (DefaultLink) it.next();
            
            // If any of the links has a limited access, the service declares itself non-cacheable
            if (link.isAllowedAnyUser() || ArrayUtils.isNotEmpty(link.getGrantedGroups()) || ArrayUtils.isNotEmpty(link.getGrantedUsers()))
            {
                return true;
            }
        }
        
        return false;
    }
    
    private ModifiableTraversableAmetysObject getOrCreateNode(ModifiableTraversableAmetysObject parentNode, String nodeName, String nodeType) throws AmetysRepositoryException
    {
        ModifiableTraversableAmetysObject node;
        if (parentNode.hasChild(nodeName))
        {
            node = parentNode.getChild(nodeName);
        }
        else
        {
            node = parentNode.createChild(nodeName, nodeType);
            parentNode.saveChanges();
        }
        return node;
    }
    
    /**
     * Sax the directory links
     * @param siteName the site name
     * @param contentHandler the content handler
     * @param links the list of links to sax 
     * @param storageContext the storage context, null if there is no connected user
     * @param contextVars the context variables
     * @param user the user
     * @param saxThemesLabelOnly true to sax themes label only
     * @param saxLinksOnly true if the only the links need to be saxed, false otherwise
     * @param userLinks true if it is user links
     * @throws SAXException If an error occurs while generating the SAX events
     * @throws UserPreferencesException if an exception occurs while getting the user preferences
     */
    public void saxLinks(String siteName, ContentHandler contentHandler, List<DefaultLink> links, Map<String, String> contextVars, String storageContext, UserIdentity user, boolean saxThemesLabelOnly, boolean saxLinksOnly, boolean userLinks) throws SAXException, UserPreferencesException
    {
        String prefValues = null;
        String[] prefLinksIdsArray = null; 
        if (user != null)
        {
            prefValues =  _userPreferencesManager.getUserPreferenceAsString(user, storageContext, contextVars, "checked-links");
            prefLinksIdsArray = StringUtils.split(prefValues, ",");
        }
        
        String ipRegexp = _siteConfiguration.getValueAsString(siteName, "allowed-ip");
        Pattern ipRestriction = null;
        if (StringUtils.isNotBlank(ipRegexp))
        {
            ipRestriction = Pattern.compile(ipRegexp);
        }
        
        boolean hasIPRestriction = ipRestriction != null;
        boolean isIPAuthorized = _isIPAuthorized(ipRestriction);
            
        for (DefaultLink link : links)
        {
            if (_isCurrentUserGrantedAccess(link))
            {
                boolean selected = false;
                if (ArrayUtils.isNotEmpty(prefLinksIdsArray))
                {
                    if (ArrayUtils.contains(prefLinksIdsArray, link.getId()))
                    {
                        selected = true;
                    }
                }
                
                saxLink(siteName, contentHandler, link, saxThemesLabelOnly, selected, saxLinksOnly, hasIPRestriction, isIPAuthorized, userLinks);
            }
        }
    }
    
    /**
     * Generate a directory link.
     * @param siteName the site name
     * @param contentHandler the content handler
     * @param link the link to generate.
     * @param saxThemesLabelOnly true to sax themes label only
     * @param selected true if a front end user has checked this link as a user preference, false otherwise
     * @param saxLinksOnly true if we want to sax a link for an input data
     * @param hasIPRestriction true if we have IP restriction
     * @param isIPAuthorized true if the IP is authorized
     * @param userLink true if it is a user link
     * @throws SAXException If an error occurs while generating the SAX events
     */
    public void saxLink (String siteName, ContentHandler contentHandler, DefaultLink link, boolean saxThemesLabelOnly, boolean selected, boolean saxLinksOnly, boolean hasIPRestriction, boolean isIPAuthorized, boolean userLink) throws SAXException
    {
        AttributesImpl attrs = new AttributesImpl();
        attrs.addCDATAAttribute("id", link.getId());
        attrs.addCDATAAttribute("lang", link.getLanguage());
        
        LinkType urlType = link.getUrlType();
        
        _addURLAttribute(link, hasIPRestriction, isIPAuthorized, attrs);
        
        attrs.addCDATAAttribute("urlType", StringUtils.defaultString(urlType.toString()));
        
        String dynInfoProviderId = StringUtils.defaultString(link.getDynamicInformationProvider());
        // Check if provider exists
        if (StringUtils.isNotEmpty(dynInfoProviderId) && _dynamicProviderEP.hasExtension(dynInfoProviderId))
        {
            attrs.addCDATAAttribute("dynamicInformationProvider", dynInfoProviderId);
        }
        attrs.addCDATAAttribute("title", StringUtils.defaultString(link.getTitle()));
        attrs.addCDATAAttribute("content", StringUtils.defaultString(link.getContent()));
        
        if (urlType == LinkType.PAGE)
        {
            String pageId = link.getUrl();
            try
            {
                Page page = _ametysObjectResolver.resolveById(pageId);
                attrs.addCDATAAttribute("pageTitle", page.getTitle());
            }
            catch (UnknownAmetysObjectException e)
            {
                attrs.addCDATAAttribute("unknownPage", "true");
            }
        } 
        
        attrs.addCDATAAttribute("alternative", StringUtils.defaultString(link.getAlternative()));
        attrs.addCDATAAttribute("pictureAlternative", StringUtils.defaultString(link.getPictureAlternative()));
        
        attrs.addCDATAAttribute("user-selected", selected ? "true" : "false");
        
        String pictureType = link.getPictureType();
        attrs.addCDATAAttribute("pictureType", pictureType);
        if (pictureType.equals("resource"))
        {
            String resourceId = link.getResourcePictureId();
            try
            {
                Resource resource = _ametysObjectResolver.resolveById(resourceId);
                attrs.addCDATAAttribute("pictureId", resourceId);
                attrs.addCDATAAttribute("pictureName", resource.getName());
                attrs.addCDATAAttribute("pictureSize", Long.toString(resource.getLength()));
                attrs.addCDATAAttribute("imageType", "explorer");
            }
            catch (UnknownAmetysObjectException e)
            {
                getLogger().error("The resource of id'" + resourceId + "' does not exist anymore. The picture for link of id '" + link.getId() + "' will be ignored.", e);
            }
            
        }
        else if (pictureType.equals("external"))
        {
            BinaryMetadata picMeta = link.getExternalPicture();
            attrs.addCDATAAttribute("picturePath", DefaultLink.PROPERTY_PICTURE);
            attrs.addCDATAAttribute("pictureName", picMeta.getFilename());
            attrs.addCDATAAttribute("pictureSize", Long.toString(picMeta.getLength()));
            attrs.addCDATAAttribute("imageType", "link-metadata");
        }
        else if (pictureType.equals("glyph"))
        {
            attrs.addCDATAAttribute("pictureGlyph", link.getPictureGlyph());
        }
        
        attrs.addCDATAAttribute("grantAnyUser", String.valueOf(link.isAllowedAnyUser()));
        
        boolean isAccessLimited = link.isAllowedAnyUser() || ArrayUtils.isNotEmpty(link.getGrantedUsers()) || ArrayUtils.isNotEmpty(link.getGrantedGroups());
        attrs.addCDATAAttribute("limitedAccess", String.valueOf(isAccessLimited)); 
        
        attrs.addCDATAAttribute("userLink", String.valueOf(userLink));
        
        XMLUtils.startElement(contentHandler, "link", attrs);

        // Sax the access limitations if necessary
        if (!saxLinksOnly)
        {
            _saxGrantedUsers(contentHandler, link);
            _saxGrantedGroups(contentHandler, link);
        }
        
        // Themes
        if (saxThemesLabelOnly)
        {
            _saxThemesLabel(contentHandler, link);
        }
        else
        {
            _saxThemes(contentHandler, link);
        }
        
        XMLUtils.endElement(contentHandler, "link");
    }
    
    /**
     * Add the URL attribute to sax
     * @param link the link
     * @param hasIPRestriction true if we have IP restriction
     * @param isIPAuthorized true if the IP is authorized
     * @param attrs the attribute
     */
    private void _addURLAttribute(DefaultLink link, boolean hasIPRestriction, boolean isIPAuthorized, AttributesImpl attrs)
    {
        String internalUrl = link.getInternalUrl();
        String externalUrl = link.getUrl();
        
        // If we have no internal URL or no IP restriction, just sax external URL
        if (StringUtils.isBlank(internalUrl) || !hasIPRestriction)
        {
            attrs.addCDATAAttribute("url", StringUtils.defaultString(externalUrl));
        }
        else
        {
            // If the IP is authorized, sax internal URL
            if (isIPAuthorized)
            {
                attrs.addCDATAAttribute("url", StringUtils.defaultString(internalUrl));
            }
            // else if we have external URL, we sax it
            else if (StringUtils.isNotBlank(externalUrl))
            {
                attrs.addCDATAAttribute("url", StringUtils.defaultString(externalUrl));
            }
            // else we sax the internal URL and we disable it because the IP is not authorized
            else
            {
                attrs.addCDATAAttribute("url", StringUtils.defaultString(internalUrl));
                attrs.addCDATAAttribute("disabled", "true");
            }
        }
    }
    
    /**
     * Get the actual ids of the themes configured properly, their names if they were not 
     * @param configuredThemesNames the normalized ids of the configured themes
     * @param siteName the site's name
     * @param language the site's language
     * @return the actual ids of the configured themes
     */
    public Map<String, List<String>> getThemesMap(List<String> configuredThemesNames, String siteName, String language)
    {
        Map<String, List<String>> themesMap = new HashMap<> ();
        List<String> correctThemesList = new ArrayList<> ();
        List<String> wrongThemesList = new ArrayList<> ();
        
        for (int i = 0; i < configuredThemesNames.size(); i++)
        {
            ModifiableTraversableAmetysObject themesNode = this.getThemesNode(_siteManager.getSite(siteName), language);
            String configuredThemeName = configuredThemesNames.get(i);
            
            if (!themesNode.hasChild(configuredThemeName))
            {
                getLogger().warn("The theme '" + configuredThemeName + "' was not found. It will be ignored.");
                wrongThemesList.add(configuredThemeName);
            }
            else
            {
                AmetysObject configuredThemeNode = themesNode.getChild(configuredThemesNames.get(i));
                correctThemesList.add(configuredThemeNode.getId());
            }
        }
        
        themesMap.put("themes", correctThemesList);
        themesMap.put("unknown-themes", wrongThemesList);
        return themesMap;
    }
    
    /**
     * Retrieve theme ids from theme names
     * @param site the site
     * @param language the language
     * @param configuredThemesNames the names of the configured themes
     * @return the themes ids matching the given theme names
     */
    public List<String> getThemesIdsFromThemesNames(Site site, String language, List<String> configuredThemesNames)
    {
        List<String> configuredThemesIds = new ArrayList<>();
        
        if (configuredThemesNames != null)
        {
            for (int i = 0; i < configuredThemesNames.size(); i++)
            {
                ModifiableTraversableAmetysObject themesNode = this.getThemesNode(site, language);
                String configuredThemeName = configuredThemesNames.get(i);

                if (themesNode.hasChild(configuredThemeName))
                {
                    AmetysObject configuredThemeNode = themesNode.getChild(configuredThemeName);
                    configuredThemesIds.add(configuredThemeNode.getId());
                }
            }
        }
        
        return configuredThemesIds;
    }
    
    /**
     * Verify the existence of a theme
     * @param themeId the id of the theme to verify
     * @return true if the theme exists, false otherwise
     */
    public boolean themeExists(String themeId)
    {
        return _ametysObjectResolver.hasAmetysObjectForId(themeId);
    }

    /**
     * Get the site's name
     * @param request the request
     * @return the site's name
     */
    public String getSiteName(Request request)
    {
        Page page = (Page) request.getAttribute(Page.class.getName());
        String siteName = null;
        if (page != null)
        {
            siteName = page.getSiteName();
        }
        else
        {
            siteName = (String) request.getAttribute("site");
        }
        return siteName;
    }

    /**
     * Get the site's language
     * @param request the request
     * @return the site's language
     */
    public String getLanguage(Request request)
    {
        String language = (String) request.getAttribute("sitemapLanguage");
        if (StringUtils.isEmpty(language))
        {
            language = request.getParameter("language");
        }
        
        return language;
    }
    
    /**
     * Retrieve the context variables from the front
     * @param request the request
     * @return the map of context variables
     */
    public Map<String, String> getContextVars(Request request)
    {
        Map<String, String> contextVars = new HashMap<> ();
        
        contextVars.put(FOUserPreferencesConstants.CONTEXT_VAR_SITENAME, getSiteName(request));
        contextVars.put(FOUserPreferencesConstants.CONTEXT_VAR_LANGUAGE, getLanguage(request));
    
        return contextVars;
    }
    
    /**
     * Sax the themes
     * @param contentHandler the content handler 
     * @param link the link 
     * @throws SAXException If an error occurs while generating the SAX events
     */
    private void _saxThemes (ContentHandler contentHandler, DefaultLink link) throws SAXException
    {
        XMLUtils.startElement(contentHandler, "themes");
        
        for (String themeId : link.getThemes())
        {
            try
            {
                DefaultTheme theme = _ametysObjectResolver.resolveById(themeId);
                
                AttributesImpl attrs = new AttributesImpl();
                attrs.addCDATAAttribute("id", themeId);
                attrs.addCDATAAttribute("label", theme.getLabel());
                
                XMLUtils.createElement(contentHandler, "theme", attrs);
            }
            catch (UnknownAmetysObjectException e)
            {
                // Theme does not exist anymore
            }
        }
            
        
        XMLUtils.endElement(contentHandler, "themes");
    }
    
    /**
     * Sax the label of the themes
     * @param contentHandler the content handler
     * @param link the link
     * @throws SAXException if an error occurs while saxing
     */
    private void _saxThemesLabel (ContentHandler contentHandler, DefaultLink link) throws SAXException
    {
        List<String> themesLabel = new ArrayList<>();
        
        for (String themeId : link.getThemes())
        {
            try
            {
                DefaultTheme theme = _ametysObjectResolver.resolveById(themeId);
                themesLabel.add(theme.getLabel());
            }
            catch (UnknownAmetysObjectException e)
            {
                // Theme does not exist anymore
            }
        }
        
        XMLUtils.createElement(contentHandler, "themes", StringUtils.join(themesLabel, ", "));
    }
    
    /**
     * Sax the granted users
     * @param contentHandler the content handler
     * @param link the link
     * @throws SAXException if an exception occurs while saxing
     */
    private void _saxGrantedUsers(ContentHandler contentHandler, DefaultLink link) throws SAXException
    {
        XMLUtils.startElement(contentHandler, "granted-users");
        
        for (UserIdentity grantedUser : link.getGrantedUsers())
        {
            User user = _userManager.getUser(grantedUser.getPopulationId(), grantedUser.getLogin());
            if (user != null)
            {
                AttributesImpl attrs = new AttributesImpl();
                attrs.addCDATAAttribute("login", grantedUser.getLogin());
                attrs.addCDATAAttribute("populationId", grantedUser.getPopulationId());
                attrs.addCDATAAttribute("fullName", user.getFullName());
                XMLUtils.createElement(contentHandler, "granted-user", attrs);
            }
        }
        XMLUtils.endElement(contentHandler, "granted-users");
    }
    
    /**
     * Sax the granted groups
     * @param contentHandler the content handler
     * @param link the link
     * @throws SAXException if an exception occurs while saxing
     */
    private void _saxGrantedGroups(ContentHandler contentHandler, DefaultLink link) throws SAXException
    {
        XMLUtils.startElement(contentHandler, "granted-groups");
        
        for (GroupIdentity grantedGroup : link.getGrantedGroups())
        {
            Group group = _groupManager.getGroup(grantedGroup.getDirectoryId(), grantedGroup.getId());
            if (group != null)
            {
                AttributesImpl attrs = new AttributesImpl();
                attrs.addCDATAAttribute("id", grantedGroup.getId());
                attrs.addCDATAAttribute("groupDirectory", grantedGroup.getDirectoryId());
                attrs.addCDATAAttribute("label", group.getLabel());
                XMLUtils.createElement(contentHandler, "granted-group", attrs);
            }
        }
        XMLUtils.endElement(contentHandler, "granted-groups");
    }
    
    /**
     * Determines if the current user is allowed to see the link or not
     * @param link the link 
     * @return true if the current user is allowed to see the link, false otherwise
     */
    private boolean _isCurrentUserGrantedAccess(DefaultLink link)
    {
        UserIdentity user = _currentUserProvider.getUser();
        
        boolean isAllowedAnyUser = link.isAllowedAnyUser();
        UserIdentity[] grantedUsers = link.getGrantedUsers();
        GroupIdentity[] grantedGroups = link.getGrantedGroups();
        
        // There is an access restriction on users or groups
        if (ArrayUtils.isNotEmpty(grantedUsers) || ArrayUtils.isNotEmpty(grantedGroups))
        {
            return _isGrantedAccess(user, grantedUsers, grantedGroups);
        }
        
        // There is an access restriction on connected users
        if (isAllowedAnyUser)
        {
            return user != null ? true : false;
        }
        
        // There is no access restriction
        return true;
    }
    
    /**
     * Checks if the user has access to the page or not
     * @param user the identity of the user
     * @param grantedUsers the list of granted users
     * @param grantedGroups the list of granted groups
     * @return true if the user is granted access, false otherwise
     */
    private boolean _isGrantedAccess(UserIdentity user, UserIdentity[] grantedUsers, GroupIdentity[] grantedGroups)
    {
        if (user == null)
        {
            return false;
        }
        
        Set<GroupIdentity> groups  = _groupManager.getUserGroups(user);

        // Check the authorizations
        if (ArrayUtils.contains(grantedUsers, user))
        {
            return true;
        }
        
        for (GroupIdentity group : grantedGroups)
        {
            if (groups.contains(group))
            {
                return true;
            }
        }
        
        // The user doesn't belong to the granted users
        return false;
    }
    
    /**
     * Checks if the IP is authorized for use link internal URL
     * @param ipRestriction The ip restriction pattern
     * @return true the IP is authorized for use link internal URL, false otherwise
     */
    private boolean _isIPAuthorized(Pattern ipRestriction)
    {
        if (ipRestriction == null)
        {
            return true;
        }
        
        Request request = ContextHelper.getRequest(_context);
        
        // The real client IP may have been put in the non-standard "X-Forwarded-For" request header, in case of reverse proxy
        String xff = request.getHeader("X-Forwarded-For");
        String ip = null;
        
        if (xff != null)
        {
            ip = xff.split(",")[0];
        }
        else
        {
            ip = request.getRemoteAddr();
        }
        
        boolean result = ipRestriction.matcher(ip).matches();
        
        if (getLogger().isDebugEnabled())
        {
            getLogger().debug("Ip '{}' is considered {} with pattern {}", ip, result ? "internal" : "external", ipRestriction.pattern());
        }
        
        return result;
    }
}