#!/bin/pwsh
. "$PSScriptRoot/../Scripts/Context.ps1";
$preparedUsernameProperty = "AutoLoginUser";
$preparedPasswordProperty = "AutoLoginPassword";
$autoLoginTriggerProperty = "AutoLoginTrigger";
$uacDisablerTriggerProperty = "UACDisablerTrigger";

function New-PersonalUser([Context] $context)
{
    if (-not (Get-LocalUser $context.UserName -ErrorAction SilentlyContinue))
    {
        Write-Host "Creating Personal User";

        while ($true) {
            Write-Host (
                [string]::Join(
                    "`n",
                    "So... Windows is too dumb to create users which are bound to a Microsoft Account.",
                    "Thus, you have to do it by yourself.",
                    "So sorry..."));

            $users = Get-LocalUser | ForEach-Object { $_.Name };
            Write-Host "Following users exist already:"
            Write-Host $users;
            Read-Host "Please hit enter once you're done...";

            $user = Get-LocalUser | Where-Object { -not ($users -contains $_.Name) } | Select-Object -Last 1;

            if ($user) {
                Write-Information "Found New User:";
                Write-Information $user;
                break;
            }
        }

        Write-Information "Renaming the new User to $($context.UserName)";
        Rename-LocalUser $user $context.UserName;
        Add-LocalGroupMember -Group "Administrators" -Member $user && Set-LocalUser $context.AdminName -Password (ConvertTo-SecureString -AsPlainText "Admin") && Disable-LocalUser $context.AdminName;

        Write-Host "Registering setup script for all new users";
        $context.RegisterNewUserReboot();

        Write-Information "Enabling UAC for the next login (Microsoft Account login won't work otherwise, lol)";
        Enable-UACNextLogin $context;

        Write-Information "Disabling Auto login";
        $context.RemoveAutologin();
        $context.SetStage("DisableUAC");
        Restart-Computer;
        exit;
    }
    elseif ($context.GetStage() -eq "DisableUAC")
    {
        Enable-PersonalUserAutologon $context;
        $context.RegisterReboot();
        $context.SetStage("RemoveAdmin");
        Write-EventLog -LogName Application -Source "Application" -EventId $context.Get($uacDisablerTriggerProperty) -Message "This event was created by $env:Username";
        exit;
    }
    elseif ($context.GetStage() -eq "RemoveAdmin")
    {
        Write-Information "Removing Admin Account";
        Get-CimInstance -ClassName "Win32_UserProfile" -Filter "SID = '$((Get-LocalUser $context.AdminName).SID)'" | Remove-CimInstance;
        $context.RemoveStage();
    }
}

function Enable-UACNextLogin([Context] $context) {
    $context.SetUACState($true);
    $tempTask = "PortValhalla Temp";
    $autoLoginName = "PortValhalla AutoLogin Setup";
    $uacDisablerName = "PortValhalla UAC Disabler";
    $autoLoginTrigger = Get-Random -Maximum 65535;
    $uacDisablerTrigger = Get-Random -Maximum 65535;

    $context.Set($autoLoginTriggerProperty, $autoLoginTrigger, "DWord");
    $context.Set($uacDisablerTriggerProperty, $uacDisablerTrigger, "DWord");

    $optionCollection = [System.Tuple[int, string, string[]][]]@(
        [System.Tuple]::Create(
            $autoLoginTrigger,
            $autoLoginName,
            @(
                ". '$PSScriptRoot/../Scripts/Context.ps1';",
                "`$context = [Context]::new();",
                "`$username = `$context.Get('$preparedUsernameProperty');",
                "`$password = `$context.Get('$preparedPasswordProperty');",
                "`$context.SetAutologin(`$username, `$password);",
                "`$context.Remove('$preparedUsernameProperty');",
                "`$context.Remove('$preparedPasswordProperty');")),
        [System.Tuple]::Create(
            $uacDisablerTrigger,
            "PortValhalla UAC Disabler",
            @(
                "Unregister-ScheduledTask -Confirm:`$false '$autoLoginName';",
                "Unregister-ScheduledTask -Confirm:`$false '$uacDisablerName';",
                ". '$PSScriptRoot/../Scripts/Context.ps1';",
                "`$context = [Context]::new();",
                "`$context.SetUACState(`$false);",
                "`$context.Remove('$autoLoginTriggerProperty');",
                "`$context.Remove('$uacDisablerTriggerProperty');",
                "`$context.DeregisterNewUserReboot();",
                "Restart-Computer -Force;")));

    foreach ($options in $optionCollection) {
        $action = New-ScheduledTaskAction -Execute "pwsh.exe" -Argument (
            [string]::Join(
                " ",
                (
                    @("-c") +
                    ($options.Item3 | ForEach-Object { $_.TrimEnd(";") + ";" }))));

        schtasks /Create /SC ONEVENT /EC Application /MO "*[System[Provider[@Name='Application'] and EventID=$($options.Item1)]]" /TR cmd.exe /TN "$tempTask";
        $trigger = (Get-ScheduledTask $tempTask).Triggers;
        $principal = New-ScheduledTaskPrincipal -UserId "SYSTEM" -RunLevel Highest;
        $task = New-ScheduledTask -Action $action -Principal $principal -Trigger $trigger;
        $null = Register-ScheduledTask $options.Item2 -InputObject $task;
        $null = Unregister-ScheduledTask -Confirm:$false $tempTask;
    }
}

function Enable-PersonalUserAutologon([Context] $context)
{
    Add-Type -assemblyname System.DirectoryServices.AccountManagement;
    Write-Information "Re-Enabling Autologin for Current User";
    $principalContext = [System.DirectoryServices.AccountManagement.PrincipalContext]::new("Machine");

    while ($true)
    {
        $password = Read-Host "Please enter the password of your user" -MaskInput;

        if ($principalContext.ValidateCredentials($context.UserName, $password))
        {
            break;
        }
        else {
            Write-Error "The specified password is incorrect!";
        }
    }

    $context.Set($preparedUsernameProperty, $context.UserName, "ExpandString");
    $context.Set($preparedPasswordProperty, $password, "ExpandString");
    Write-EventLog -LogName Application -Source "Application" -EventId $context.Get($autoLoginTriggerProperty) -Message "This event was created by $env:Username";
}