import { NextFunction, Request, Response } from "express"
import { CatchAsyncError } from "../../middleware/Catch"
import { ApiResponse } from "../../middleware/ApiResponse"
import { permission } from "../../utils/permission"
import { ApiError } from "../../middleware/ApiError";
import { PermissionService } from "./permission.service";

export const getAllPermission = CatchAsyncError(async (req: Request, res: Response, next: NextFunction) => {
    return res.status(200).json(
        new ApiResponse("All Permissions", 200, permission)
    )
});


export const getAllPermissionByUser = CatchAsyncError(async (req: Request, res: Response, next: NextFunction) => {

    const { userId } = req.params as { userId: string }

    if (!userId) {
        throw new ApiError("User ID is required", 400)
    }

    const response = await PermissionService.getAllPermissionByUser(userId);

    const filterPermission = response?.permission?.split(",") ?? []

    return res.status(200).json(
        new ApiResponse("All Permissions", 200, filterPermission)
    )
})

export const updatePermissionByUser = CatchAsyncError(async (req: Request, res: Response, next: NextFunction) => {



    const { permission, userId } = req.body as { userId: string, permission: string[] }


    const isValid = permission.every((perm) => {
        return permission.includes(perm)
    })


    if (!isValid) {
        throw new ApiError("Invalid Permission", 400)
    }


    const existingPermissionRecord = await PermissionService.getAllPermissionByUser(userId);

    let result;

    if (existingPermissionRecord) {
        result = await PermissionService.updateUserPermission(permission, existingPermissionRecord.id);
    } else {
        result = await PermissionService.createUserPermission(permission, userId);
    }


    return res.status(201).json(
        new ApiResponse("Permission updated successfully", 201, result ?? [])
    );



})