package web

import (
	"net/http"
	"strconv"

	"github.com/astaxie/session"
	"github.com/jinzhu/gorm"
	"github.com/julienschmidt/httprouter"

	libapi "dev.sum7.de/sum7/warehost/lib/api"
	log "dev.sum7.de/sum7/warehost/lib/log"
	libsystem "dev.sum7.de/sum7/warehost/system"
)

// Handle to handle request with session and current logged in user
type Handle func(w http.ResponseWriter, r *http.Request, ps httprouter.Params, sess session.Session, login *libsystem.Login, id int64) (interface{}, *libapi.ErrorResult)

//InvolveWebsiteHandler for api function to Verifie User ist loggedin
func InvolveWebsiteHandler(h Handle, sessions *session.Manager, dbconnection *gorm.DB) httprouter.Handle {
	return func(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
		sess := sessions.SessionStart(w, r)
		err := &libapi.ErrorResult{Fields: []string{"session"}, Message: "Not logged in"}
		var data interface{}
		data = false

		if login := sess.Get("login"); login != nil {
			if loginObj := login.(libsystem.Login); loginObj.Active {
				id, errI := strconv.ParseInt(ps.ByName("websiteid"), 10, 64)
				if errI != nil {
					err = &libapi.ErrorResult{Fields: []string{"websiteid"}, Message: "Not a valid websiteid"}
					log.Log.Warn("invalid websiteid, no integer")
				} else {
					res := dbconnection.Where(map[string]int64{"website": id, "login": loginObj.ID}).Find(&Manager{})
					if !res.RecordNotFound() {
						data, err = h(w, r, ps, sess, &loginObj, id)
					} else {
						err = &libapi.ErrorResult{Fields: []string{"permission"}, Message: "No permission"}
						log.Log.Info("no Permissions")
					}
				}
			} else {
				log.Log.Warn("user not active")
			}
		} else {
			log.Log.Warn("not loggedin")
		}
		libapi.JSONOutput(w, r, sess, data, err)
	}
}