package role

import (
	"SciencesServer/app/api/controller"
	auth2 "SciencesServer/app/api/controller/auth"
	"SciencesServer/app/api/model"
	model2 "SciencesServer/app/common/model"
	"SciencesServer/app/service"
	"SciencesServer/serve/logger"
	"SciencesServer/serve/orm"
	"SciencesServer/utils"

	"gorm.io/gorm"
)

type Auth struct{ *controller.Platform }

type AuthHandle func(session *service.Session) *Auth

// List 角色权限列表
func (c *Auth) List(roleID uint64) ([]*auth2.TreeChecked, error) {
	mSysAuth := model.NewSysAuth()

	out, err := mSysAuth.RoleAuth(c.TenantID, roleID)

	if err != nil {
		return nil, err
	}
	return auth2.TreeCheckedFunc(out, 0), nil
}

// Bind 角色权限绑定
func (c *Auth) Bind(roleID uint64, authIDs []uint64) error {
	return orm.GetDB().Transaction(func(tx *gorm.DB) error {
		mSysRoleAuth := model.NewSysRoleAuth()

		err := model2.DeleteWhere(mSysRoleAuth.SysRoleAuth, []*model2.ModelWhere{model2.NewWhere("role_id", roleID)}, tx)

		if err != nil {
			return err
		}
		// 查询权限信息
		mSysAuth := model.NewSysAuth()

		auths := make([]*model2.SysAuth, 0)

		if err = model2.Find(mSysAuth.SysAuth, &auths, &model2.ModelWhereOrder{Where: model2.NewWhereIn("id", authIDs)}); err != nil {
			return err
		}
		authRequests := make([]*service.AuthRequest, 0)

		roles := make([]*model2.SysRoleAuth, 0)

		for _, v := range auths {
			roles = append(roles, &model2.SysRoleAuth{
				ModelTenant: model2.ModelTenant{TenantID: c.TenantID}, RoleID: roleID, AuthID: v.ID,
			})
			if v.Auth == "" {
				continue
			}
			authRequests = append(authRequests, &service.AuthRequest{Url: v.Auth, Method: "*"})
		}
		if err = model2.Creates(mSysRoleAuth.SysRoleAuth, roles, tx); err != nil {
			return err
		}
		go utils.TryCatch(func() {
			permission := service.NewPermission([]string{utils.UintToString(roleID)}, authRequests...)(c.TenantKey, "")
			// 删除角色权限
			if _, err = permission.RemoveRolePolicy(); err != nil {
				logger.ErrorF("删除角色【%d】规则信息错误：%v", roleID, err)
				return
			}
			if len(authRequests) > 0 {
				if _, err = permission.AddPolicies(); err != nil {
					logger.ErrorF("创建角色【%d】规则信息错误：%v", roleID, err)
					return
				}
			}
		})
		return nil
	})
}

func NewAuth() AuthHandle {
	return func(session *service.Session) *Auth {
		return &Auth{Platform: &controller.Platform{Session: session}}
	}
}