import { inject } from '@loopback/context';
import { Count, CountSchema, Filter, repository, Where, } from '@loopback/repository';
import { HttpErrors, post, param, get, patch, put, del, getFilterSchemaFor, getWhereSchemaFor, requestBody, } from '@loopback/rest';
import {
  UserServiceBindings,
  UserService,
  User, UserRepository, UserCredentials,
  UserGroup, UserGroupRepository, UserToGroup, UserToGroupRepository,
  UserGroupEndPointPermission, UserGroupEndPointPermissionRepository,
  UserEndPointPermission, UserEndPointPermissionRepository,
  authenticate,
  ErrorSchema,
  StatusSchema,
} from '../..';

export class PermissionController
{
  constructor(
    @inject(UserServiceBindings.REPO_USER) public userRepository: UserRepository,
    @inject(UserServiceBindings.REPO_GROUP) public userGroupRepository: UserGroupRepository,
    @inject(UserServiceBindings.REPO_USR2GRP) public userToGroupRepository: UserToGroupRepository,
    @inject(UserServiceBindings.REPO_UGEPPERM) public userGroupEndPointPermissionRepository: UserGroupEndPointPermissionRepository,
    @inject(UserServiceBindings.REPO_UEPPERM) public userEndPointPermissionRepository: UserEndPointPermissionRepository,
  ) {}

  @post('/permissions/group', {
    responses: {
      '204': {
        description: 'Permission added to user group successfully',
      },
      "401": {
        description: "Unauthorized - token is invalid/expired or absent",
        content: { "application/json": { schema: ErrorSchema, }, },
      }
    },
    security: [
      {
        jwt: ['jwt'],
      },
    ],
  })
	@authenticate('jwt')
  async addToGroup(
    @requestBody() userGroupPermission: UserGroupEndPointPermission,
  ): Promise<void> {
    const groupId = userGroupPermission.groupId;
    const userGroup = await this.userGroupRepository.findById(groupId);
    const endpointId = userGroupPermission.endpointId;
    const ugp: UserGroupEndPointPermission|null = await this.userGroupEndPointPermissionRepository.findOne({ where: { endpointId, groupId }, });
    if (ugp) {
      await this.userGroupEndPointPermissionRepository.updateById(ugp.id, userGroupPermission);
    } else {
      await this.userGroupEndPointPermissionRepository.create(userGroupPermission);
    }
  }

  @post('/permissions/user', {
    responses: {
      '204': {
        description: 'Permission added to user successfully',
      },
      "401": {
        description: "Unauthorized - token is invalid/expired or absent",
        content: { "application/json": { schema: ErrorSchema, }, },
      }
    },
    security: [
      {
        jwt: ['jwt'],
      },
    ],
  })
	@authenticate('jwt')
  async addToUser(
    @requestBody() userPermission: UserEndPointPermission,
  ): Promise<void> {
    const userId = userPermission.userId;
    const user = await this.userRepository.findById(userId);
    const endpointId = userPermission.endpointId;
    const up: UserEndPointPermission|null = await this.userEndPointPermissionRepository.findOne({ where: { endpointId, userId }, });
    if (up) {
      await this.userEndPointPermissionRepository.updateById(up.id, userPermission);
    } else {
      await this.userEndPointPermissionRepository.create(userPermission);
    }
  }
}