package servers

import (
	"git.acooldomain.co/server-manager/backend/auth"
	"git.acooldomain.co/server-manager/backend/models"
	"github.com/gin-gonic/gin"
)

func (con ServersApi) ServerAuthorized(permissions models.Permission) func(*gin.Context) {
	return func(ctx *gin.Context) {
		claimsPointer, exists := ctx.Get("claims")
		if !exists {
			ctx.AbortWithStatus(403)
			return
		}

		claims := claimsPointer.(*auth.AuthClaims)

		serverId := ctx.Param("server_id")
		if serverId == "" {
			return
		}

		userPermissions, err := con.ServerAuthorization.GetPermissions(ctx, claims.Username, serverId)
		if err != nil {
			return
		}

		if userPermissions&permissions == permissions || userPermissions&models.Admin == models.Admin {
			ctx.Set(auth.AuthorizedParam, true)
			return
		}

		return
	}
}