const database = require("../modules/database")

function grant(userId, productId, channel, permissionKey) {
    const query = `
        INSERT INTO permissions (
            userId,
            productId,
            channel,
            permissionKey
        )

        VALUES (
            ?,
            ?,
            ?,
            ?
        )
    `
    const statement = database.prepare(query)
    return statement.run(userId, productId, channel, permissionKey)
}

function revoke(userId, productId, channel, permissionKey) {
    const query = `
        DELETE FROM permissions 
            WHERE userId = ? 
                AND productId = ? 
                AND channel = ? 
                AND permissionKey = ?
    `
    const statement = database.prepare(query)
    return statement.run(userId, productId, channel, permissionKey)
}

function findByUserAndProduct(userId, productId) {
    const query = `
        SELECT channel, permissionKey 
            FROM permissions 
            WHERE userId = ?
                AND productId = ?
    `
    const statement = database.prepare(query)
    return statement.all(userId, productId)
}

function revokeAllOnProduct(userId, productId) {
    const query = `
        DELETE FROM permissions 
            WHERE userId = ? 
                AND productId = ?
    `
    const statement = database.prepare(query)
    return statement.run(userId, productId)
}

function hasPermission(userId, productName, channel, permission) {
    const query = `
        SELECT 1 FROM permissions p
        JOIN products pr ON p.product_id = pr.id
        WHERE p.user_id = ? 
        AND pr.name = ?
        AND (p.channel = ? OR p.channel = '*')
        AND p.permission_key = ?
    `

    const stmt = db.prepare(query)
    const result = stmt.get(userId, productName, channel, permission)

    return !!result
}

module.exports = {
    grant,
    revoke,
    hasPermission,
    revokeAllOnProduct,
    findByUserAndProduct,
}