//
// Copyright (C) 2024 veypi <i@veypi.com>
// 2025-03-04 16:08:06
// Distributed under terms of the MIT license.
//

package policy

import (
	"github.com/veypi/vbase/cfg"
	"github.com/veypi/vbase/models"
	"github.com/veypi/vigo"
)

type CreateRequest struct {
	Code        string `json:"code" src:"json" desc:"策略代码"`
	Name        string `json:"name" src:"json" desc:"策略名称"`
	Description string `json:"description,omitempty" src:"json" desc:"描述"`
	Resource    string `json:"resource" src:"json" desc:"资源: user/org/resource/*"`
	Action      string `json:"action" src:"json" desc:"操作: create/read/update/delete/*"`
	Effect      string `json:"effect" src:"json" desc:"效果: allow/deny"`
	Condition   string `json:"condition,omitempty" src:"json" desc:"条件: owner/org_member"`
	Scope       string `json:"scope" src:"json" desc:"作用域: platform/org/resource"`
}

func create(x *vigo.X, req *CreateRequest) (*models.Policy, error) {
	// 检查代码是否已存在
	var count int64
	cfg.DB().Model(&models.Policy{}).Where("code = ?", req.Code).Count(&count)
	if count > 0 {
		return nil, vigo.ErrArgInvalid.WithString("policy code already exists")
	}

	policy := &models.Policy{
		Code:        req.Code,
		Name:        req.Name,
		Description: req.Description,
		Resource:    req.Resource,
		Action:      req.Action,
		Effect:      req.Effect,
		Condition:   req.Condition,
		Scope:       req.Scope,
	}

	if policy.Effect == "" {
		policy.Effect = models.PolicyEffectAllow
	}
	if policy.Scope == "" {
		policy.Scope = models.PolicyScopeOrg
	}

	if err := cfg.DB().Create(policy).Error; err != nil {
		return nil, vigo.ErrInternalServer.WithError(err)
	}

	return policy, nil
}