package role

import (
	"SciencesServer/app/api/admin/controller/menu"
	"SciencesServer/app/api/admin/model"
	model2 "SciencesServer/app/common/model"
	"SciencesServer/app/service"
	"SciencesServer/app/session"
	"SciencesServer/serve/orm"
	"errors"
	"fmt"
	"gorm.io/gorm"
)

type Menu struct{ *session.Admin }

type MenuHandle func(session *session.Admin) *Menu

// Index 菜单列表
func (c *Menu) Index(roleID uint64) ([]*menu.TreeChecked, error) {
	mSysMenu := model.NewSysMenu()
	return menu.MenuForRoleChecked(mSysMenu, c.TenantID, roleID)
}

// Bind 绑定菜单
func (c *Menu) Bind(roleID uint64, menuIDs []uint64) error {
	if c.TenantID > 0 {
		// 查询该租户下绑定的菜单信息
		mSysTenantMenu := model.NewSysTenantMenu()

		var count int64

		if err := model2.Count(mSysTenantMenu.SysTenantMenu, &count, model2.NewWhere("tenant_id", c.TenantID),
			model2.NewWhereNotIn("menu_id", menuIDs)); err != nil {
			return err
		} else if count > 0 {
			return errors.New("操作异常，菜单权限异常")
		}
	}
	mSysRoleMenu := model.NewSysRoleMenu()

	return orm.GetDB().Transaction(func(tx *gorm.DB) error {
		err := model2.DeleteWhere(mSysRoleMenu.SysRoleMenu, []*model2.ModelWhere{model2.NewWhere("role_id", roleID)}, tx)

		if err != nil {
			return err
		}
		permission := service.NewPermission(
			service.WithAuthTenant(fmt.Sprintf("%d", c.TenantID)),
			service.WithAuthRoles([]string{fmt.Sprintf("%d", roleID)}),
		)
		if len(menuIDs) <= 0 {
			_, err = permission.RemoveSingleRolePolicy()
			return err
		}
		// 查询菜单信息
		mSysMenu := model.NewSysMenu()

		menus := make([]*model2.SysMenu, 0)

		if err = model2.ScanFields(mSysMenu.SysMenu, &menus, []string{"id", "kind", "auth"}, &model2.ModelWhereOrder{
			Where: model2.NewWhereIn("id", menuIDs),
		}); err != nil {
			return err
		}
		data := make([]*model2.SysRoleMenu, 0)

		request := make([]*service.AuthRequest, 0)

		for _, v := range menus {
			data = append(data, &model2.SysRoleMenu{
				RoleID: roleID,
				MenuID: v.ID,
			})
			if v.Kind == model2.SysMenuKindForCatalogue || v.Auth == "" {
				continue
			}
			mSysMenu.Auth = v.Auth

			request = append(request, &service.AuthRequest{
				Url:    mSysMenu.FilterAuth(),
				Method: "*",
			})
		}
		if err = model2.Creates(mSysRoleMenu.SysRoleMenu, data, tx); err != nil {
			return err
		}
		if len(request) > 0 {
			service.WithAuthRequest(request)(permission)

			if _, err = permission.AddPolicies(); err != nil {
				return err
			}
		}
		return nil
	})
}

func NewMenu() MenuHandle {
	return func(session *session.Admin) *Menu {
		return &Menu{Admin: session}
	}
}