#!/usr/bin/env php
<?php
/**
 * Check Facebook Token Permissions
 */

$_SERVER['REQUEST_METHOD'] = 'GET';
require_once __DIR__ . '/config/config.php';

echo "=== Facebook Token Permissions Check ===\n\n";

$db = Database::getInstance()->getConnection();
$stmt = $db->prepare("SELECT value_encrypted FROM settings WHERE section = 'facebook' AND `key` = 'FB_PAGE_ACCESS_TOKEN'");
$stmt->execute();
$result = $stmt->fetch(PDO::FETCH_ASSOC);
$token = $result['value_encrypted'] ?? null;

if (!$token) {
    echo "✗ No token found\n";
    exit(1);
}

echo "Token: " . substr($token, 0, 20) . "...\n\n";

// Check token info and permissions
$url = "https://graph.facebook.com/v18.0/me/permissions?access_token=" . urlencode($token);
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
$response = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);

$data = json_decode($response, true);

if ($httpCode === 200 && isset($data['data'])) {
    echo "Current Permissions:\n";
    echo "-------------------\n";

    $granted = [];
    $declined = [];

    foreach ($data['data'] as $perm) {
        if ($perm['status'] === 'granted') {
            $granted[] = $perm['permission'];
        } else {
            $declined[] = $perm['permission'];
        }
    }

    echo "\n✓ Granted Permissions:\n";
    if (empty($granted)) {
        echo "   (none)\n";
    } else {
        foreach ($granted as $p) {
            echo "   - $p\n";
        }
    }

    echo "\n✗ Declined/Missing Permissions:\n";
    if (empty($declined)) {
        echo "   (none)\n";
    } else {
        foreach ($declined as $p) {
            echo "   - $p\n";
        }
    }

    // Check required permissions
    echo "\n\nRequired Permissions for Publishing:\n";
    echo "------------------------------------\n";
    $required = ['pages_manage_posts', 'pages_read_engagement'];

    foreach ($required as $req) {
        if (in_array($req, $granted)) {
            echo "   ✓ $req\n";
        } else {
            echo "   ✗ $req (MISSING - REQUIRED!)\n";
        }
    }

    $allGranted = true;
    foreach ($required as $req) {
        if (!in_array($req, $granted)) {
            $allGranted = false;
            break;
        }
    }

    echo "\n";
    if ($allGranted) {
        echo "✓ All required permissions are granted!\n";
    } else {
        echo "✗ Missing required permissions!\n\n";
        echo "ACTION REQUIRED:\n";
        echo "1. Go to: https://developers.facebook.com/tools/explorer/\n";
        echo "2. Click 'Get Token' → 'Get Page Access Token'\n";
        echo "3. Make sure to check BOTH:\n";
        echo "   ☐ pages_manage_posts\n";
        echo "   ☐ pages_read_engagement\n";
        echo "4. Click 'Generate Access Token'\n";
        echo "5. Copy the new token and update in settings\n";
    }
} else {
    echo "✗ Failed to check permissions\n";
    echo "Error: " . ($data['error']['message'] ?? 'Unknown error') . "\n";
}

// Also check token debug info
echo "\n\n=== Token Debug Info ===\n";
$url = "https://graph.facebook.com/v18.0/debug_token?input_token=" . urlencode($token) . "&access_token=" . urlencode($token);
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
$response = curl_exec($ch);
curl_close($ch);

$data = json_decode($response, true);
if (isset($data['data'])) {
    $info = $data['data'];
    echo "Type: " . ($info['type'] ?? 'Unknown') . "\n";
    echo "App ID: " . ($info['app_id'] ?? 'Unknown') . "\n";
    echo "Valid: " . ($info['is_valid'] ? 'Yes' : 'No') . "\n";
    echo "Expires: " . (isset($info['expires_at']) ? date('Y-m-d H:i:s', $info['expires_at']) : 'Never') . "\n";

    if (isset($info['scopes'])) {
        echo "\nScopes: " . implode(', ', $info['scopes']) . "\n";
    }
}

echo "\n=== End of Check ===\n";