package auth

import (
	"context"

	"github.com/tech/sendico/pkg/db/policy"
	"github.com/tech/sendico/pkg/db/repository/builder"
	"github.com/tech/sendico/pkg/db/template"
	"github.com/tech/sendico/pkg/mlogger"
	"github.com/tech/sendico/pkg/model"
	"github.com/tech/sendico/pkg/mservice"
	"go.mongodb.org/mongo-driver/v2/bson"
	"go.mongodb.org/mongo-driver/v2/mongo"
)

type ProtectedDB[T model.PermissionBoundStorable] interface {
	Create(ctx context.Context, accountRef, organizationRef bson.ObjectID, object T) error
	InsertMany(ctx context.Context, accountRef, organizationRef bson.ObjectID, objects []T) error
	Get(ctx context.Context, accountRef, objectRef bson.ObjectID, result T) error
	Update(ctx context.Context, accountRef bson.ObjectID, object T) error
	Delete(ctx context.Context, accountRef, objectRef bson.ObjectID) error
	DeleteCascadeAuth(ctx context.Context, accountRef, objectRef bson.ObjectID) error
	Patch(ctx context.Context, accountRef, objectRef bson.ObjectID, patch builder.Patch) error
	PatchMany(ctx context.Context, accountRef bson.ObjectID, query builder.Query, patch builder.Patch) (int, error)
	Unprotected() template.DB[T]
	ListIDs(ctx context.Context, action model.Action, accountRef bson.ObjectID, query builder.Query) ([]bson.ObjectID, error)
}

func CreateDB[T model.PermissionBoundStorable](
	ctx context.Context,
	l mlogger.Logger,
	pdb policy.DB,
	enforcer Enforcer,
	collection mservice.Type,
	db *mongo.Database,
) (ProtectedDB[T], error) {
	return CreateDBImp[T](ctx, l, pdb, enforcer, collection, db)
}