package middleware

import (
	"nixcn-cms/data"

	"github.com/gin-gonic/gin"
	"github.com/google/uuid"
)

func Permission(requiredLevel uint) gin.HandlerFunc {
	return func(c *gin.Context) {
		userIdOrig, ok := c.Get("user_id")
		if !ok || userIdOrig.(string) == "" {
			c.AbortWithStatusJSON(401, gin.H{"status": "missing user id"})
			return
		}

		userId, err := uuid.Parse(userIdOrig.(string))
		if err != nil {
			c.AbortWithStatusJSON(500, gin.H{"status": "error parsing user id"})
			return
		}

		userData, err := new(data.User).GetByUserId(userId)
		if err != nil {
			c.AbortWithStatusJSON(404, gin.H{"status": "user not found"})
			return
		}

		if userData.PermissionLevel < requiredLevel {
			c.AbortWithStatusJSON(403, gin.H{"status": "permission denied"})
			return
		}
		c.Next()
	}
}