using API.Authentication.GrantNames;
using API.Authentication.Interfaces;
using API.DTO.Base;
using API.Services;
using API.Services.Interfaces;
using DAL.Models;

namespace API.Authentication
{
    /// <summary>
    /// Authorization checks for <see cref="Permission"/> resources. Every decision is
    /// delegated to the injected <see cref="IGrantManager"/>, keyed by the acting user's
    /// <c>permissionId</c>.
    /// </summary>
    /// <remarks>
    /// NOTE(review): <c>user</c> and <c>model</c> are dereferenced without null checks, so a
    /// null argument throws instead of returning <c>false</c>. Confirm that callers always
    /// resolve both before asking for a decision.
    /// </remarks>
    public class PermissionAuthentication : IPermissionAuthentication
    {
        private readonly IGrantManager _grantManager;

        // Stored by the constructor but not read anywhere in this class.
        // NOTE(review): allow/deny outcomes are not logged here; confirm that
        // authorization decisions are audited elsewhere.
        private readonly ILogger _logger;

        /// <summary>Stores the logger and the grant manager used by every check.</summary>
        /// <param name="logger">Logger instance; kept in a field, currently unused.</param>
        /// <param name="grantManager">Source of grant lookups for a permission id.</param>
        public PermissionAuthentication(ILogger logger, IGrantManager grantManager)
        {
            _logger = logger;
            _grantManager = grantManager;
        }

        /// <summary>Whether the user may list all permissions.</summary>
        /// <returns><c>true</c> when the user's permission holds the CanGetAll grant.</returns>
        public bool canGetAll(User user)
            => _grantManager.hasGrant(user.permissionId, PermissionGrantNames.CanGetAll);

        /// <summary>Whether the user may read the given permission.</summary>
        /// <returns>
        /// <c>true</c> when the user's permission holds CanGetAny, or when <c>model.id</c>
        /// is among the ids returned for the CanGet grant.
        /// </returns>
        public bool canGet(Permission model, User user)
        {
            // The blanket grant short-circuits the per-id lookup.
            if (_grantManager.hasGrant(user.permissionId, PermissionGrantNames.CanGetAny))
            {
                return true;
            }

            return _grantManager
                .getULongValues(user.permissionId, PermissionGrantNames.CanGet)
                .Exists(grantedId => grantedId == model.id);
        }

        /// <summary>Whether the user may create a permission.</summary>
        /// <remarks>
        /// The decision depends only on the CanAdd grant; <paramref name="item"/> is not
        /// inspected. NOTE(review): nothing here limits which grants the new permission may
        /// carry; confirm that is enforced elsewhere if it matters.
        /// </remarks>
        public bool canAdd(PermissionDTO item, User user)
            => _grantManager.hasGrant(user.permissionId, PermissionGrantNames.CanAdd);

        /// <summary>Whether the user may modify the given permission.</summary>
        /// <returns>
        /// <c>true</c> when the user's permission holds CanUpdateAny, or when <c>model.id</c>
        /// is among the ids returned for the CanUpdate grant.
        /// </returns>
        /// <remarks>
        /// NOTE(review): unlike <see cref="canDelete"/>, this check does not exclude the
        /// permission the user is currently assigned (<c>user.permissionId</c>). If updating
        /// a permission can change its grants, a user could alter their own access; confirm
        /// whether self-modification is intended.
        /// </remarks>
        public bool canUpdate(Permission model, User user)
        {
            // The blanket grant short-circuits the per-id lookup.
            if (_grantManager.hasGrant(user.permissionId, PermissionGrantNames.CanUpdateAny))
            {
                return true;
            }

            return _grantManager
                .getULongValues(user.permissionId, PermissionGrantNames.CanUpdate)
                .Exists(grantedId => grantedId == model.id);
        }

        /// <summary>Whether the user may delete the given permission.</summary>
        /// <returns>
        /// <c>true</c> when the user holds CanDeleteAny or a CanDelete entry for
        /// <c>model.id</c>, and the target is not the permission the user is assigned.
        /// </returns>
        public bool canDelete(Permission model, User user)
        {
            bool holdsDeleteGrant =
                _grantManager.hasGrant(user.permissionId, PermissionGrantNames.CanDeleteAny)
                || _grantManager
                    .getULongValues(user.permissionId, PermissionGrantNames.CanDelete)
                    .Exists(grantedId => grantedId == model.id);

            // Even with a grant, a user may never delete the permission they are assigned.
            return holdsDeleteGrant && model.id != user.permissionId;
        }
    }
}