package middleware

import (
	"net/http"

	"git.gocasts.ir/ebhomengo/niki/entity"
	"git.gocasts.ir/ebhomengo/niki/pkg/claim"
	errmsg "git.gocasts.ir/ebhomengo/niki/pkg/err_msg"
	adminauthorizationservice "git.gocasts.ir/ebhomengo/niki/service/admin/authorization"
	"github.com/labstack/echo/v4"
)

func AdminAuthorization(service adminauthorizationservice.Service,
	permissions ...entity.AdminPermission,
) echo.MiddlewareFunc {
	return func(next echo.HandlerFunc) echo.HandlerFunc {
		return func(c echo.Context) (err error) {
			claims := claim.GetClaimsFromEchoContext(c)

			isAllowed, err := service.CheckAccess(claims.UserID, entity.MapToAdminRole(claims.Role), permissions...)
			if err != nil {
				return c.JSON(http.StatusInternalServerError, echo.Map{
					"message": errmsg.ErrorMsgSomethingWentWrong,
				})
			}

			if !isAllowed {
				return c.JSON(http.StatusForbidden, echo.Map{
					"message": errmsg.ErrorMsgUserNotAllowed,
				})
			}

			return next(c)
		}
	}
}