package middleware

import (
	"log"
	"net/http"

	"gitea.local/admin/hspguard/internal/repository"
	"gitea.local/admin/hspguard/internal/util"
	"gitea.local/admin/hspguard/internal/web"
	"github.com/google/uuid"
)

type AdminMiddleware struct {
	repo *repository.Queries
}

func NewAdminMiddleware(repo *repository.Queries) *AdminMiddleware {
	return &AdminMiddleware{
		repo,
	}
}

func (m *AdminMiddleware) Runner(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		userId, ok := util.GetRequestUserId(r.Context())
		if !ok {
			log.Println("ERR: Could not get user id from request")
			web.Error(w, "not authenticated", http.StatusUnauthorized)
			return
		}

		user, err := m.repo.FindUserId(r.Context(), uuid.MustParse(userId))
		if err != nil {
			log.Println("ERR: User with provided id does not exist:", userId)
			web.Error(w, "not authenticated", http.StatusUnauthorized)
			return
		}

		if !user.IsAdmin {
			log.Println("INFO: User is not admin")
			web.Error(w, "no priviligies to access this resource", http.StatusForbidden)
			return
		}

		next.ServeHTTP(w, r)
	})
}