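import { inject } from '@loopback/context';
import { CoreBindings, ControllerClass } from '@loopback/core';
import { RestApplication, RestBindings, HttpErrors, Request } from '@loopback/rest';
import {
  User,
  UserGroup,
  UserToGroup,
  UserServiceBindings,
  UserRepository,
  UserGroupRepository,
  UserToGroupRepository,
  UserGroupEndPointPermission,
  UserGroupEndPointPermissionRepository,
  UserEndPointPermission,
  UserEndPointPermissionRepository,
} from '..';
import * as _ from 'lodash';

/**
 * Decides whether a user may call the controller method that the current
 * request is routed to.
 *
 * The endpoint is identified as `<HTTP method>#<controller class name>#<method name>`.
 * Precedence, as implemented in {@link PermissionChecker.isAllowed}:
 *   1. a per-user permission row for the endpoint, if one exists;
 *   2. otherwise the bitwise OR of the permission rows of the user's groups
 *      (one allowing group is enough; a group row cannot veto another group);
 *   3. otherwise `defaultAccess`.
 */
export class PermissionChecker {
  protected _userRepo: UserRepository;
  protected _userGroupRepo: UserGroupRepository;
  protected _userToGroupRepo: UserToGroupRepository;
  protected _userEndPointPermRepo: UserEndPointPermissionRepository;
  protected _userGroupEndPointPermRepo: UserGroupEndPointPermissionRepository;

  // Settles once every repository lookup started in the constructor has
  // finished, whether it succeeded or failed. Awaited before any repository is
  // used so that a check issued right after construction does not dereference
  // a repository that has not been assigned yet.
  protected _reposReady: Promise<void>;

  // SECURITY: this is a fail-open default. With `true`, every endpoint that has
  // no user-level and no group-level permission row is allowed for any user
  // passed to isAllowed(). Set it to `false` for deny-by-default.
  public defaultAccess = true; // true == allowed, false == deny;

  constructor(
    @inject(RestBindings.Http.REQUEST) public request: Request,
    @inject(CoreBindings.CONTROLLER_CLASS) public controller: ControllerClass,
    @inject(CoreBindings.CONTROLLER_METHOD_NAME) public method: string,
    @inject(CoreBindings.APPLICATION_INSTANCE) protected app: RestApplication,
    // @inject(UserServiceBindings.REPO_GROUP) public userGroupRepository: UserGroupRepository,
    // @inject(UserServiceBindings.REPO_USR2GRP) public userToGroupRepository: UserToGroupRepository,
    // @inject(UserServiceBindings.REPO_UGEPPERM) public userGroupEndPointPermissionRepository: UserGroupEndPointPermissionRepository,
    // @inject(UserServiceBindings.REPO_UEPPERM) public userEndPointPermissionRepository: UserEndPointPermissionRepository,
  ) {
    // A constructor cannot await, so the lookups are started here and their
    // combined completion is kept in _reposReady. A failed lookup is logged
    // (now including the error) and leaves the field unset; the methods below
    // turn an unset repository into an explicit error instead of a decision.
    const pending: Promise<void>[] = [
      this.app.get(UserServiceBindings.REPO_USER)
        .then((userRepo: UserRepository) => {
          this._userRepo = userRepo;
        })
        .catch((e) => {
          console.log('ERROR: user repo', e);
        }),
      this.app.get(UserServiceBindings.REPO_GROUP)
        .then((userGroupRepo: UserGroupRepository) => {
          this._userGroupRepo = userGroupRepo;
        })
        .catch((e) => {
          console.log('ERROR: user group repo', e);
        }),
      this.app.get(UserServiceBindings.REPO_USR2GRP)
        .then((userToGroupRepo: UserToGroupRepository) => {
          this._userToGroupRepo = userToGroupRepo;
        })
        .catch((e) => {
          console.log('ERROR: user to group repo', e);
        }),
      this.app.get(UserServiceBindings.REPO_UGEPPERM)
        .then((userGroupEndPointPermRepo: UserGroupEndPointPermissionRepository) => {
          this._userGroupEndPointPermRepo = userGroupEndPointPermRepo;
        })
        .catch((e) => {
          console.log('ERROR: user group endpoint permission repo', e);
        }),
      this.app.get(UserServiceBindings.REPO_UEPPERM)
        .then((userEndPointPermRepo: UserEndPointPermissionRepository) => {
          this._userEndPointPermRepo = userEndPointPermRepo;
        })
        .catch((e) => {
          console.log('ERROR: user endpoint permission repo', e);
        }),
    ];
    this._reposReady = Promise.all(pending).then(() => undefined);
  }

  /**
   * Returns whether `user` may call the endpoint of the current request.
   *
   * NOTE(review): the queries filter on `user.id`; this assumes the caller
   * passes an authenticated user whose id is set — confirm at the call site.
   *
   * @param user - the user whose permission rows are looked up
   * @returns `true` when access is granted, `false` when it is denied
   * @throws Error when a permission repository could not be resolved; the
   *   check fails closed rather than falling back to `defaultAccess`
   */
  async isAllowed(user: User): Promise<boolean> {
    await this._reposReady;
    if (!this._userEndPointPermRepo || !this._userGroupEndPointPermRepo) {
      throw new Error('PermissionChecker: permission repositories are not available');
    }

    const endpointId: string = this.request.method + '#' + this.controller.name + '#' + this.method;

    // A user-level row, allow or deny, overrides anything set on groups.
    const userPermissions: UserEndPointPermission | null = await this._userEndPointPermRepo.findOne({
      where: { userId: user.id, endpointId },
    });
    if (userPermissions) return !!userPermissions.permission;

    const userGroups: UserGroup[] | null = await this.getUserGroups(user);

    // Never send an empty `or` list to the repository: depending on the
    // connector, an empty clause may be dropped from the query, which would
    // make the find below return permission rows of every group and endpoint.
    // A user without groups has no group permissions, so the default applies.
    if (!userGroups || !userGroups.length) return this.defaultAccess;

    const filterPerms = _.map(userGroups, (obj) => ({ groupId: obj.id, endpointId }));
    const userGroupPermissions: UserGroupEndPointPermission[] | null = await this._userGroupEndPointPermRepo.find({
      where: { or: filterPerms },
    });
    if (!userGroupPermissions || !userGroupPermissions.length) return this.defaultAccess;

    // Any group with a non-zero permission value grants access.
    let permission = 0;
    for (const perm of userGroupPermissions) {
      permission |= perm.permission;
    }
    return !!permission;
  }

  /**
   * Loads the groups that `user` is linked to through the user-to-group table.
   *
   * @param user - the user whose memberships are looked up
   * @returns the matching groups; an empty array when the user has no membership
   * @throws Error when a group repository could not be resolved
   */
  async getUserGroups(user: User): Promise<UserGroup[]> {
    await this._reposReady;
    if (!this._userToGroupRepo || !this._userGroupRepo) {
      throw new Error('PermissionChecker: group repositories are not available');
    }

    const userToGroups: UserToGroup[] = await this._userToGroupRepo.find({ where: { userId: user.id } });

    // Same empty-`or` hazard as in isAllowed(): without this guard a user with
    // no membership could be reported as a member of every group.
    if (!userToGroups || !userToGroups.length) return [];

    const filterGroups = _.map(userToGroups, (obj) => ({ id: obj.groupId }));
    const userGroups: UserGroup[] = await this._userGroupRepo.find({ where: { or: filterGroups } });
    return userGroups;
  }
}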