import { Body, Controller, Get, Path, Post, Request, Route, Security, Tags } from "tsoa";
import { AppDataSource } from "../database/data-source";
import { RequestWithUser } from "../middlewares/user";
import HttpError from "../interfaces/http-error";
import HttpStatus from "../interfaces/http-status";
import HttpSuccess from "../interfaces/http-success";
import HttpStatusCode from "../interfaces/http-status";
import { AuthRole } from "../entities/AuthRole";
import { AuthRoleAttr } from "../entities/AuthRoleAttr";
import { PosMaster } from "../entities/PosMaster";
import { Profile } from "../entities/Profile";

@Route("api/v1/org/permission")
@Tags("Permission")
@Security("bearerAuth")
export class PermissionController extends Controller {
  private profileRepo = AppDataSource.getRepository(Profile);
  private posMasterRepository = AppDataSource.getRepository(PosMaster);
  private authRoleRepo = AppDataSource.getRepository(AuthRole);
  private authRoleAttrRepo = AppDataSource.getRepository(AuthRoleAttr);

  @Get("")
  public async getPermission(@Request() request: { user: Record<string, any> }) {
    const profile = await this.profileRepo.findOne({
      select: ["id"],
      where: { keycloak: request.user.sub },
    });
    if (!profile) {
      throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลบุคคลนี้ในระบบ");
    }

    const posMaster = await this.posMasterRepository.findOne({
      select: ["authRoleId"],
      where: { current_holderId: profile.id },
    });
    if (!posMaster) {
      throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลสิทธิ์");
    }

    const getDetail = await this.authRoleRepo.findOne({
      select: ["roleName", "roleDescription"],
      where: { id: posMaster.authRoleId },
    });
    if (!getDetail) {
      throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
    }

    const roleAttrData = await this.authRoleAttrRepo.find({
      select: [
        "authSysId",
        "parentNode",
        "attrOwnership",
        "attrIsCreate",
        "attrIsList",
        "attrIsGet",
        "attrIsUpdate",
        "attrIsDelete",
        "attrPrivilege",
      ],
      where: { authRoleId: getDetail.id },
    });

    const formattedData = {
      ...getDetail,
      roleAttributes: roleAttrData,
    };

    return new HttpSuccess(formattedData);
  }
}