#!/bin/pwsh
$contextScript = "$PSScriptRoot/../../Scripts/Context.ps1";
. "$contextScript";
$preparedUsernameProperty = "AutoLoginUser";
$preparedPasswordProperty = "AutoLoginPassword";
$autoLoginTriggerProperty = "AutoLoginTrigger";
$uacDisablerTriggerProperty = "UACDisablerTrigger";

function New-PersonalUser([Context] $context, [string] $userName)
{
    $userStageProperty = "UserStage";
    $creationStage = "Create";
    $postProcessStage = "ReEnableFeatures";
    $adminRemovalStage = "RemoveAdmin";

    function Get-UserStage() {
        return $context.Get($userStageProperty);
    }

    function Set-UserStage() {
        param([string]$value);
        $context.Set($userStageProperty, $value);
    }

    switch (Get-UserStage) {
        { (-not $_) -or ($_ -eq $creationStage) } {
            Set-UserStage $creationStage;

            if (-not (Get-LocalUser $userName -ErrorAction SilentlyContinue)) {
                Write-Host "Creating Personal User ``$userName``";

                Get-LocalUser | Where-Object { $_.Name -in $context.UserNames } |
                    Disable-LocalUser;

                while ($true) {
                    Write-Host (
                        [string]::Join(
                            "`n",
                            "So... Windows is too dumb to create users which are bound to a Microsoft Account.",
                            "Thus, you have to do it by yourself.",
                            "So sorry..."));

                    $users = Get-LocalUser | ForEach-Object { $_.Name };
                    Write-Host "Following users exist already:"
                    Write-Host $users;
                    Write-Host "Create a user for ``$userName`` manually"
                    Read-Host "Please hit enter once you're done...";

                    $user = Get-LocalUser | Where-Object { -not ($users -contains $_.Name) } | Select-Object -Last 1;

                    if ($user) {
                        Write-Information "Found New User:";
                        Write-Information $user;
                        break;
                    }
                }

                Write-Information "Renaming the new User to $userName";
                Rename-LocalUser $user $userName;

                Add-LocalGroupMember -Group "Administrators" -Member $user &&
                    Set-LocalUser $context.AdminName -Password (ConvertTo-SecureString -AsPlainText "Admin") &&
                    Disable-LocalUser $context.AdminName;

                Write-Information "Disabling Auto login";
                $context.RemoveAutologin();
                Write-Host "Registering setup script for all new users";
                $context.RegisterNewUserReboot();
                Register-UserPostprocessingTasks $context;
                Set-UserStage $postProcessStage;
                Restart-Computer -Force;
                exit;
            }
        }
        $postProcessStage {
            Enable-PersonalUserAutologon $context $userName;
            Set-UserStage $adminRemovalStage;
            Start-EventDrivenTask $context.Get($uacDisablerTriggerProperty);
            $context.Reboot();
            exit;
        }
        $adminRemovalStage {
            Write-Information "Removing Admin Account";
            Get-CimInstance -ClassName "Win32_UserProfile" -Filter "SID = '$((Get-LocalUser $context.AdminName).SID)'" | Remove-CimInstance;
            $context.Remove($userStageProperty);
            break;
        }
    }
}

function Register-UserPostprocessingTasks([Context] $context) {
    Write-Information "Enabling UAC for the next login (Microsoft Account login won't work otherwise, lol)";
    $context.SetUACState($true);
    $tempTask = "PortValhalla Temp";
    $autoLoginName = "PortValhalla AutoLogin Setup";
    $uacDisablerName = "PortValhalla UAC Disabler";
    $autoLoginTrigger = Get-Random -Maximum 0xFFFF;
    $uacDisablerTrigger = Get-Random -Maximum 0xFFFF;

    $context.Set($autoLoginTriggerProperty, $autoLoginTrigger, "DWord");
    $context.Set($uacDisablerTriggerProperty, $uacDisablerTrigger, "DWord");

    Write-Information "Registering tasks for re-enabling autologon and re-enabling UAC on next login";

    $optionCollection = [System.Tuple[int, string, string[]][]]@(
        [System.Tuple]::Create(
            $autoLoginTrigger,
            $autoLoginName,
            @(
                ". `"$PSScriptRoot/AutoLogin.ps1`"",
                "   $autoLoginTrigger",
                "   '$preparedUsernameProperty'",
                "   '$preparedPasswordProperty'")),
        [System.Tuple]::Create(
            $uacDisablerTrigger,
            $uacDisablerName,
            @(
                ". `"$PSScriptRoot/UACDisabler.ps1`"",
                "   $uacDisablerTrigger",
                "   '$autoLoginName'",
                "   '$uacDisablerName'",
                "   '$autoLoginTriggerProperty'",
                "   '$uacDisablerTriggerProperty'")));

    foreach ($options in $optionCollection) {
        $action = New-ScheduledTaskAction -Execute "pwsh.exe" -Argument ((@("-c") + $options.Item3) -join " ");

        schtasks /Create /SC ONEVENT /EC Application /MO "*[System[Provider[@Name='Application'] and EventID=$($options.Item1)]]" /TR cmd.exe /TN "$tempTask";
        $trigger = (Get-ScheduledTask $tempTask).Triggers;
        $principal = New-ScheduledTaskPrincipal -UserId "SYSTEM" -RunLevel Highest;
        $task = New-ScheduledTask -Action $action -Principal $principal -Trigger $trigger;
        $null = Register-ScheduledTask $options.Item2 -InputObject $task;
        $null = Unregister-ScheduledTask -Confirm:$false $tempTask;
    }
}

function Enable-PersonalUserAutologon([Context] $context, [string] $userName)
{
    Add-Type -assemblyname System.DirectoryServices.AccountManagement;
    Write-Information "Re-Enabling Autologin for Current User";
    $principalContext = [System.DirectoryServices.AccountManagement.PrincipalContext]::new("Machine");

    while ($true)
    {
        $password = Read-Host "Please enter the password of your Microsoft Account" -MaskInput;

        if ($principalContext.ValidateCredentials($userName, $password))
        {
            break;
        }
        else {
            Write-Error "The specified password is incorrect!";
        }
    }

    $context.Set($preparedUsernameProperty, $userName);
    $context.Set($preparedPasswordProperty, $password);
    Start-EventDrivenTask $context.Get($autoLoginTriggerProperty);
}

function Start-EventDrivenTask() {
    param(
        [int]$EventID
    );

    powershell -c {
        param (
            [int]$EventID
        )
        $identifier = "EventLog$EventID";
        $applicationLog = Get-EventLog -List | Where-Object { $_.Log -eq "Application" };

        Register-ObjectEvent -InputObject $applicationLog -EventName EntryWritten -Action {
            $entry = $event.SourceEventArgs.Entry;

            if ($entry.EventID -eq $EventID) {
                $null = New-Event -SourceIdentifier $identifier;
            }
        };

        $job = Start-Job {
            Wait-Event -SourceIdentifier $identifier;
            Wait-Event -SourceIdentifier $identifier;
        };

        Write-EventLog -LogName Application -Source "Application" -EventId $EventID -Message "This event was created by $env:Username";
        $null = Wait-Job $job;
    } -args $EventID
}