using API.Authentication.GrantNames;
using API.Authentication.Interfaces;
using API.DTO.Base;
using API.Services;
using DAL.Models;

namespace API.Authentication
{
	public class GrantAuthentication : IGrantAuthentication
	{
		private readonly GrantService _grantService;
		private readonly ILogger<GrantAuthentication> _logger;

		public GrantAuthentication(GrantService grantService, ILogger<GrantAuthentication> logger)
		{
			_grantService = grantService;
			_logger = logger;
		}

		public bool canGetAll(User user)
		{
			return _grantService.hasGrant(user.permissionId, GrantGrantNames.CanGetAll);
		}
		public bool canGet(Grant model, User user)
		{
			return _grantService.hasGrant(user.permissionId, GrantGrantNames.CanGetAny) ||
			       _grantService.getULongValues(user.permissionId, GrantGrantNames.CanGet).Exists(x => x == model.id);
		}
		public bool canAdd(GrantDTO item, User user)
		{
			return _grantService.hasGrant(user.permissionId, GrantGrantNames.CanAdd) && 
			       _grantService.hasGrant(user.permissionId, item.name);
		}
		public bool canUpdate(Grant model, User user)
		{
			// Doesn't make sense to update the name of a grant. The updater can just delete and remake.
			return false;
		}
		public bool canDelete(Grant model, User user)
		{
			return (_grantService.hasGrant(user.permissionId, GrantGrantNames.CanDeleteAny) ||
			       _grantService.getULongValues(user.permissionId, GrantGrantNames.CanDelete).Exists(x => x == model.id))
				&& _grantService.hasGrant(user.permissionId, model.name);
		}
	}
}