import { Request, Router } from "express";
import { GetUserMiddleware } from "../middlewares/user";
import RequestError, { HttpStatusCode } from "../../helper/request_error";
import promiseMiddleware from "../../helper/promiseMiddleware";
import Permission from "../../models/permissions";
import verify, { Types } from "../middlewares/verify";
import Client from "../../models/client";

const PermissionRoute: Router = Router();
PermissionRoute.use(GetUserMiddleware(true, true), (req: Request, res, next) => {
   if (!req.isAdmin) res.sendStatus(HttpStatusCode.FORBIDDEN)
   else next()
});


PermissionRoute.route("/")
   .get(promiseMiddleware(async (req, res) => {
      let permission = await Permission.find({});
      res.json(permission);
   }))
   .post(verify({
      clientId: {
         type: Types.NUMBER
      },
      name: {
         type: Types.STRING
      },
      description: {
         type: Types.STRING
      }
   }, true), promiseMiddleware(async (req, res) => {
      let client = await Client.findById(req.body.clientId);
      if (!client) {
         throw new RequestError("Client not found", HttpStatusCode.BAD_REQUEST);
      }
      let permission = Permission.new({
         description: req.body.description,
         name: req.body.name,
         client: client._id
      });
      await Permission.save(permission);
      res.json(permission);
   }))

export default PermissionRoute;