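import type Koa from "koa";
import type { UserState } from "../login.ts";
import { sendError } from "../route/error_handler.ts";

/**
 * Permission names that can be granted to a non-admin user.
 *
 * Only the uncommented members exist at runtime. The commented-out entries
 * are kept as a record of permissions that are not implemented.
 */
export enum Permission {
  // ========
  // not implemented
  // admin only
  /** remove document */
  // removeContent = 'removeContent',

  /** upload document */
  // uploadContent = 'uploadContent',

  /** modify document except base path, filename, content_hash. but admin can modify all. */
  // modifyContent = 'modifyContent',

  /** add tag into document */
  // addTagContent = 'addTagContent',

  /** remove tag from document */
  // removeTagContent = 'removeTagContent',

  /** ModifyTagInDoc */
  ModifyTag = "ModifyTag",

  /** find documents with query */
  // findAllContent = 'findAllContent',

  /** find one document. */
  // findOneContent = 'findOneContent',

  /** view content */
  // viewContent = 'viewContent',
  QueryContent = "QueryContent",

  /** modify description about the one tag. */
  modifyTagDesc = "ModifyTagDesc",
}

/**
 * Build a Koa middleware that calls `next()` only when the current user
 * (`ctx.state.user`) holds every permission listed in `permissions`.
 *
 * Decision order:
 * - no user state on the context: rejected with 401 (fail closed instead of
 *   crashing on a property access of `undefined`);
 * - username is exactly "admin": allowed without any permission lookup;
 * - a required permission is missing: 401 for a guest (empty username),
 *   403 for everyone else.
 *
 * An empty `permissions` list is vacuously satisfied, so any request that
 * carries user state passes, guests included. Do not use a zero-argument
 * call as an "authenticated users only" gate.
 *
 * NOTE(review): admin status is decided purely by the literal username
 * "admin". That is only sound if no registration or rename path can hand
 * that name to another account. Confirm against the login module.
 *
 * NOTE(review): `permissions` is typed `string[]`, so a misspelled name
 * compiles. Callers should pass `Permission` members.
 *
 * @param permissions permission names the user must all hold
 * @returns a Koa middleware enforcing the check
 */
export const createPermissionCheckMiddleware =
  (...permissions: string[]) =>
  async (ctx: Koa.ParameterizedContext, next: Koa.Next) => {
    const user = ctx.state.user;

    // An authorization gate must deny explicitly when upstream middleware did
    // not populate the user, rather than surface a TypeError as a 500.
    if (user == null) {
      return sendError(401, "you are guest. login needed.");
    }

    if (user.username === "admin") {
      return await next();
    }

    // Accept only a real array. String.prototype.includes would do substring
    // matching ("ModifyTagDesc".includes("ModifyTag") is true), so any other
    // shape is treated as "no permissions granted".
    const granted: unknown[] = Array.isArray(user.permission) ? user.permission : [];

    const hasAll = permissions.every((required) => granted.includes(required));
    if (!hasAll) {
      // sendError lives in ../route/error_handler.ts and is not visible here.
      // next() is never reached on these paths either way.
      if (user.username === "") {
        return sendError(401, "you are guest. login needed.");
      }
      return sendError(403, "do not have permission");
    }

    await next();
  };

/**
 * Koa middleware that lets only the user named "admin" through. Every other
 * request, including one with no user state at all, is rejected with 403.
 *
 * NOTE(review): as in createPermissionCheckMiddleware, the admin decision
 * rests on the username string alone. Confirm that name is reserved.
 */
export const AdminOnlyMiddleware = async (ctx: Koa.ParameterizedContext, next: Koa.Next) => {
  // Optional chaining makes a missing user count as "not admin" (fail closed).
  if (ctx.state.user?.username !== "admin") {
    return sendError(403, "admin only");
  }
  await next();
};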