using API.Authentication.GrantNames;
using API.Authentication.Interfaces;
using API.DTO.Base;
using API.Services;
using DAL.Models;

namespace API.Authentication
{
	public class PermissionAuthentication : IPermissionAuthentication
	{
		private readonly GrantService _grantService;
		private readonly ILogger<PermissionAuthentication> _logger;
		public PermissionAuthentication(ILogger<PermissionAuthentication> logger, GrantService grantService)
		{
			_logger = logger;
			_grantService = grantService;
		}

		public bool canGetAll(User user)
		{
			return _grantService.hasGrant(user.permissionId, PermissionGrantNames.CanGetAll);
		}
		public bool canGet(Permission model, User user)
		{
			return _grantService.hasGrant(user.permissionId, PermissionGrantNames.CanGetAny) ||
			       _grantService.getULongValues(user.permissionId, PermissionGrantNames.CanGet).Exists(x => x == model.id);
		}
		public bool canAdd(PermissionDTO item, User user)
		{
			return _grantService.hasGrant(user.permissionId, PermissionGrantNames.CanAdd);
		}
		public bool canUpdate(Permission model, User user)
		{
			return _grantService.hasGrant(user.permissionId, PermissionGrantNames.CanUpdateAny) ||
			       _grantService.getULongValues(user.permissionId, PermissionGrantNames.CanUpdate).Exists(x => x == model.id);
		}
		public bool canDelete(Permission model, User user)
		{
			return (_grantService.hasGrant(user.permissionId, PermissionGrantNames.CanDeleteAny) ||
			        _grantService.getULongValues(user.permissionId, PermissionGrantNames.CanDelete).Exists(x => x == model.id))
			       && model.id != user.permissionId;
		}
	}
}