package web

import (
	"net/http"
	"strconv"

	"github.com/astaxie/session"
	"github.com/julienschmidt/httprouter"

	libapi "dev.sum7.de/sum7/warehost/lib/api"
	libsystem "dev.sum7.de/sum7/warehost/system"
)

// PermissionList to add permissions
func (api *API) PermissionList(w http.ResponseWriter, r *http.Request, _ httprouter.Params, sess session.Session, login *libsystem.Login, websiteid int64) (returndata interface{}, returnerr *libapi.ErrorResult) {
	returndata = false
	logger := api.log.GetLog(r, "permissionlist")
	var involved []*Manager
	api.dbconnection.Where("website = ?", websiteid).Preload("Login").Find(&involved)
	logger.Info("done")
	returndata = involved
	return
}

// PermissionAdd to add permissions
func (api *API) PermissionAdd(w http.ResponseWriter, r *http.Request, ps httprouter.Params, sess session.Session, login *libsystem.Login, websiteid int64) (returndata interface{}, returnerr *libapi.ErrorResult) {
	returndata = false
	logger := api.log.GetLog(r, "permissionadd")
	loginid, err := strconv.ParseInt(ps.ByName("loginid"), 10, 64)
	if err != nil {
		returnerr = &libapi.ErrorResult{Fields: []string{"loginid"}, Message: "Not a valid loginid"}
		logger.Warn("invalid loginid, no integer")
		return
	}
	manager := &Manager{
		WebsiteID: websiteid,
		LoginID:   loginid,
	}
	if err := api.dbconnection.Create(manager).Error; err != nil {
		logger.Error("database: during create website permission")
		returnerr = &libapi.ErrorResult{Message: "Internal Database Error"}
		return
	}
	returndata = true
	logger.Info("done")
	return
}

// PermissionDelete to delete permissions
func (api *API) PermissionDelete(w http.ResponseWriter, r *http.Request, ps httprouter.Params, sess session.Session, login *libsystem.Login, websiteid int64) (returndata interface{}, returnerr *libapi.ErrorResult) {
	returndata = false
	logger := api.log.GetLog(r, "permissiondelete")
	loginid, err := strconv.ParseInt(ps.ByName("loginid"), 10, 64)
	if err != nil {
		returnerr = &libapi.ErrorResult{Fields: []string{"loginid"}, Message: "Not a valid loginid"}
		logger.Warn("invalid loginid, no integer")
		return
	}
	manager := &Manager{
		WebsiteID: websiteid,
		LoginID:   loginid,
	}
	if err := api.dbconnection.Unscoped().Delete(manager).Error; err != nil {
		logger.Error("database: during delete website permission")
		returnerr = &libapi.ErrorResult{Message: "Internal Database Error"}
		return
	}
	returndata = true
	logger.Info("done")
	return
}