package com.android.trisolarisserver.controller

import com.android.trisolarisserver.component.PropertyAccess
import com.android.trisolarisserver.models.property.AppUser
import com.android.trisolarisserver.models.property.Role
import com.android.trisolarisserver.repo.AppUserRepo
import com.android.trisolarisserver.security.MyPrincipal
import org.springframework.http.HttpStatus
import org.springframework.web.server.ResponseStatusException
import java.util.UUID

internal fun requirePrincipal(principal: MyPrincipal?): MyPrincipal {
    return principal ?: throw ResponseStatusException(HttpStatus.UNAUTHORIZED, "Missing principal")
}

internal fun requireUser(appUserRepo: AppUserRepo, principal: MyPrincipal?): AppUser {
    val resolved = requirePrincipal(principal)
    return appUserRepo.findById(resolved.userId).orElseThrow {
        ResponseStatusException(HttpStatus.UNAUTHORIZED, "User not found")
    }
}

internal fun requireMember(
    propertyAccess: PropertyAccess,
    propertyId: UUID,
    principal: MyPrincipal?
): MyPrincipal {
    val resolved = requirePrincipal(principal)
    propertyAccess.requireMember(propertyId, resolved.userId)
    return resolved
}

internal fun requireRole(
    propertyAccess: PropertyAccess,
    propertyId: UUID,
    principal: MyPrincipal?,
    vararg roles: Role
): MyPrincipal {
    val resolved = requireMember(propertyAccess, propertyId, principal)
    propertyAccess.requireAnyRole(propertyId, resolved.userId, *roles)
    return resolved
}