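import { Attributes, FindOptions } from "@sequelize/core"

import { Path } from "@/utils/deep-pick"

import { User } from "@/models"
import { ALL_RECORDS_SCOPE, PolicyFactory } from "@/policies/base-policy"

/**
 * Authorization policy for User records.
 *
 * `this.user` and `this.record` are supplied by the PolicyFactory base class,
 * which is not visible in this file; they are presumably the acting user and
 * the User record being accessed. Confirm against base-policy.
 *
 * Summary of the rules implemented below:
 * - show / update: system admins, or the user acting on their own record.
 * - create: system admins only.
 * - destroy: system admins only, and never on their own record.
 */
export class UsersPolicy extends PolicyFactory(User) {
  /** Allows reading when the actor is a system admin or owns the record. */
  show(): boolean {
    if (this.user.isSystemAdmin) {
      return true
    }

    return this.user.id === this.record.id
  }

  /** Allows creation for system admins only. */
  create(): boolean {
    if (this.user.isSystemAdmin) {
      return true
    }

    return false
  }

  /** Allows updating when the actor is a system admin or owns the record. */
  update(): boolean {
    if (this.user.isSystemAdmin) {
      return true
    }

    return this.user.id === this.record.id
  }

  /**
   * Allows deletion for system admins, except on their own record.
   *
   * The self-check runs first on purpose: it denies self-deletion even when
   * the actor is a system admin.
   */
  destroy(): boolean {
    if (this.user.id === this.record.id) {
      return false
    }

    if (this.user.isSystemAdmin) {
      return true
    }

    return false
  }

  /**
   * Lists the attributes the actor may write on a User record.
   *
   * `roles` is added only for system admins, so a non-admin who passes
   * `update()` for their own record cannot change their own roles through
   * this list.
   *
   * NOTE(review): a non-admin who passes `update()` for their own record is
   * still permitted to write `email` and `auth0Subject`. If `auth0Subject` is
   * what binds this record to the identity-provider login, it is normally set
   * server-side rather than accepted from request input. Confirm that
   * self-service edits of these fields are intended, or limit them to system
   * admins.
   *
   * NOTE(review): this method only returns a list. Enforcement depends on
   * callers filtering request input through it, which is not visible here.
   *
   * @returns a new array of permitted attribute paths on every call
   */
  permittedAttributes(): Path[] {
    const attributes: (keyof Attributes<User>)[] = [
      "email",
      "auth0Subject",
      "firstName",
      "lastName",
      "displayName",
    ]

    // Role assignment is the privilege boundary: only system admins get it.
    if (this.user.isSystemAdmin) {
      attributes.push("roles")
    }

    return attributes
  }

  /** Attributes writable on create; currently a copy of `permittedAttributes()`. */
  permittedAttributesForCreate(): Path[] {
    return [...this.permittedAttributes()]
  }

  /** Attributes writable on update; currently a copy of `permittedAttributes()`. */
  permittedAttributesForUpdate(): Path[] {
    return [...this.permittedAttributes()]
  }

  /**
   * Builds the query scope that limits which User rows the given user can list.
   *
   * @param user - the user the scope is built for
   * @returns `ALL_RECORDS_SCOPE` for system admins, otherwise a filter that
   *   matches only the user's own row
   */
  static policyScope(user: User): FindOptions<Attributes<User>> {
    if (user.isSystemAdmin) return ALL_RECORDS_SCOPE

    return {
      where: {
        id: user.id,
      },
    }
  }
}

export default UsersPolicy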