import 'package:collection/collection.dart';
import 'package:flutter/foundation.dart';

import 'package:pshared/models/permissions/action.dart' as perm;
import 'package:pshared/models/permissions/data/permission.dart';
import 'package:pshared/models/permissions/descriptions/policy.dart';
import 'package:pshared/models/permissions/effect.dart';
import 'package:pshared/models/resources.dart';

import 'package:pweb/services/permissions.dart';
import 'package:pweb/services/mock_ids.dart';

class PermissionsProvider extends ChangeNotifier {
  final PermissionsService _service;

  PermissionsProvider({required PermissionsService service}) : _service = service;

  bool _isLoading = false;
  Object? _error;
  String? _accountRef;
  bool _hasLoaded = false;
  String? _roleRef;
  List<Permission> _permissions = [];
  List<PolicyDescription> _policyDescriptions = [];

  bool get isLoading => _isLoading;
  Object? get error => _error;
  bool get isReady => _hasLoaded && !_isLoading && _error == null;
  List<Permission> get permissions => List.unmodifiable(_permissions);
  bool get hasLoaded => _hasLoaded;

  bool get isCompany => _roleRef == companyRoleId;
  bool get isRecipient => _roleRef == recipientRoleId;

  Future<void> loadForAccount(String accountRef) async {
    _accountRef = accountRef;
    _isLoading = true;
    _error = null;
    notifyListeners();

    try {
      final access = await _service.loadForAccount(accountRef);
      _permissions = access.permissions.permissions;
      _policyDescriptions = access.descriptions.policies;
      _roleRef = access.permissions.roles.firstOrNull?.descriptionRef;
    } catch (e) {
      _permissions = [];
      _policyDescriptions = [];
      _error = e;
      _roleRef = null;
    } finally {
      _hasLoaded = true;
      _isLoading = false;
      notifyListeners();
    }
  }

  void clear() {
    _accountRef = null;
    _permissions = [];
    _policyDescriptions = [];
    _error = null;
    _hasLoaded = false;
    _roleRef = null;
    notifyListeners();
  }

  bool canAccessResource(ResourceType resource, {perm.Action? action}) {
    final policy = _policyDescriptions.firstWhereOrNull(
      (policy) => (policy.resourceTypes?.contains(resource) ?? false),
    );
    if (policy == null) return false;

    return _permissions.any(
      (permission) =>
        permission.accountRef == _accountRef &&
        permission.policy.descriptionRef == policy.storable.id &&
        permission.policy.effect.effect == Effect.allow &&
        (action == null || permission.policy.effect.action == action),
    );
  }
}