package mw

import (
	"applet/app/e"
	"applet/app/enum"
	"applet/app/md"
	"applet/app/svc"
	"applet/app/utils"
	"fmt"
	"github.com/gin-gonic/gin"
)

// CheckPermission 检查权限
func CheckPermission(c *gin.Context) {
	admin := svc.GetUser(c)
	masterId := svc.GetMasterId(c)

	if c.GetBool("is_open") {
		rolePermissionKey := fmt.Sprintf(md.AdminRolePermissionByOpenKey, masterId)
		isHasPermission, err := svc.CheckUserRoleByOpen(c, rolePermissionKey, c.Request.RequestURI, utils.StrToInt(masterId))
		if err != nil {
			e.OutErr(c, e.ERR, err.Error())
			return
		}
		if !isHasPermission {
			e.OutErr(c, e.ERR_FORBIDEN, "当前用户暂未拥有该路由权限，请联系管理员")
			return
		}
		c.Next()
	}

	// TODO::判断是否为超管
	if admin.IsSuperAdministrator == enum.IsSuperAdministratorTure {
		c.Next()
	} else {
		rolePermissionKey := fmt.Sprintf(md.AdminRolePermissionKey, masterId, utils.AnyToString(admin.AdmId))
		isHasPermission, err := svc.CheckUserRole(c, rolePermissionKey, c.Request.RequestURI, admin.AdmId)
		if err != nil {
			e.OutErr(c, e.ERR, err.Error())
			return
		}
		if !isHasPermission {
			e.OutErr(c, e.ERR_FORBIDEN, "当前用户暂未拥有该路由权限，请联系管理员")
			return
		}
		c.Next()
	}
}