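package user

import (
	"errors"

	"github.com/veypi/vbase/cfg"
	"github.com/veypi/vbase/models"
	"github.com/veypi/vigo"
	"gorm.io/gorm"
)

// User specific permissions (data-level or direct assignment)

// GetPermissionsReq identifies the user whose directly assigned permissions
// are listed. UserID is bound from the user_id path segment.
type GetPermissionsReq struct {
	UserID string `src:"path@user_id" desc:"User ID"`
}

// getPermissions returns the UserPermission rows stored for req.UserID.
//
// The user's existence is not checked here, so an unknown ID is not reported
// as an error by this handler. Query failures are returned wrapped in
// vigo.ErrDatabase.
//
// NOTE(review): no caller authorization is visible in this handler;
// presumably the router restricts who may read another user's grants. Confirm.
func getPermissions(x *vigo.X, req *GetPermissionsReq) ([]models.UserPermission, error) {
	var userPermissions []models.UserPermission
	if err := cfg.DB().Where("user_id = ?", req.UserID).Find(&userPermissions).Error; err != nil {
		return nil, vigo.ErrDatabase.WithError(err)
	}
	return userPermissions, nil
}

// UpdatePermissionsReq carries the complete replacement set of direct
// permissions for one user. UserID is bound from the user_id path segment and
// Permissions from the JSON body.
type UpdatePermissionsReq struct {
	UserID      string `src:"path@user_id" desc:"User ID"`
	Permissions []struct {
		PermissionID string `json:"permission_id"`
		ResourceID   string `json:"resource_id"`
	} `json:"permissions" src:"json" desc:"List of User Permissions"`
}

// updatePermissions replaces all direct permissions of req.UserID with
// req.Permissions. The existing rows are deleted and the new ones inserted in
// a single transaction, so a failed insert leaves the previous grants intact.
// An empty Permissions list removes every direct grant.
//
// It returns vigo.ErrNotFound when the target user does not exist and an
// error wrapped in vigo.ErrDatabase for any other database failure.
//
// NOTE(review): this handler changes another account's privileges, but no
// check that the caller may do so is visible here; presumably it is enforced
// by middleware on the route. Confirm. PermissionID and ResourceID are also
// stored exactly as supplied in the request body.
func updatePermissions(x *vigo.X, req *UpdatePermissionsReq) error {
	var user models.User
	if err := cfg.DB().First(&user, "id = ?", req.UserID).Error; err != nil {
		// Only a missing row means "not found". Reporting every failure as
		// not-found would hide database outages behind a 404-style answer.
		if errors.Is(err, gorm.ErrRecordNotFound) {
			return vigo.ErrNotFound
		}
		return vigo.ErrDatabase.WithError(err)
	}

	// The grantor is the caller's ID taken from the request context, not the
	// path parameter. When the value is absent or not a string, GrantedBy is
	// stored empty, which leaves the grant without an attributable author.
	grantor, _ := x.Get("user_id").(string)

	err := cfg.DB().Transaction(func(tx *gorm.DB) error {
		if err := tx.Where("user_id = ?", req.UserID).Delete(&models.UserPermission{}).Error; err != nil {
			return err
		}
		if len(req.Permissions) == 0 {
			return nil
		}

		grants := make([]models.UserPermission, 0, len(req.Permissions))
		for _, p := range req.Permissions {
			grants = append(grants, models.UserPermission{
				UserID:       req.UserID,
				PermissionID: p.PermissionID,
				ResourceID:   p.ResourceID,
				GrantedBy:    grantor,
			})
		}
		return tx.Create(&grants).Error
	})
	if err != nil {
		// Wrap the failure the same way getPermissions does, so both handlers
		// report database errors through vigo.ErrDatabase.
		return vigo.ErrDatabase.WithError(err)
	}
	return nil
}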