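package middleware

import (
	"smoop-api/internal/handlers"
	"smoop-api/internal/models"

	"github.com/gin-gonic/gin"
)

// DeviceAccessFilter returns middleware that records, in the request context,
// whether device queries must be restricted to the calling user.
//
// Context keys written:
//   - "filterDevices" (bool): false for models.RoleAdmin, true for every other role.
//   - "userID": user.ID, written only when filtering is required.
//
// The request is aborted with 401 when the "user" key is missing or does not
// hold a handlers.UserContext value.
func DeviceAccessFilter() gin.HandlerFunc {
	return roleScopedFilter("filterDevices")
}

// TrackerAccessFilter returns middleware that records, in the request context,
// whether tracker queries must be restricted to the calling user.
//
// It mirrors DeviceAccessFilter but writes "filterTrackers" instead of
// "filterDevices". The "userID" key is shared between both filters.
func TrackerAccessFilter() gin.HandlerFunc {
	return roleScopedFilter("filterTrackers")
}

// roleScopedFilter builds the handler shared by DeviceAccessFilter and
// TrackerAccessFilter so that both resources apply one authorization rule
// and cannot drift apart.
//
// filterKey is the context key that receives the boolean filter flag.
func roleScopedFilter(filterKey string) gin.HandlerFunc {
	return func(c *gin.Context) {
		// "user" is presumably populated by an authentication middleware that
		// runs earlier in the chain; confirm the route registration order.
		raw, found := c.Get("user")
		if !found {
			c.AbortWithStatusJSON(401, gin.H{"error": "unauthorized"})
			return
		}

		// The assertion is on the value type. If the upstream middleware ever
		// stores *handlers.UserContext, every request is rejected here.
		user, ok := raw.(handlers.UserContext)
		if !ok {
			c.AbortWithStatusJSON(401, gin.H{"error": "invalid user data"})
			return
		}

		// Only the admin role bypasses filtering; any other role, including
		// an empty or unrecognised one, is filtered.
		//
		// NOTE(review): the handlers that read this flag are not visible here.
		// A reader using c.GetBool(filterKey) gets false both for an admin and
		// when this middleware was never mounted on the route, which would
		// expose unfiltered results. Handlers should use c.Get and treat a
		// missing key as "filter". Confirm against the handlers.
		mustFilter := user.Role != models.RoleAdmin
		c.Set(filterKey, mustFilter)
		if mustFilter {
			// Owner identity used by downstream queries to scope results.
			c.Set("userID", user.ID)
		}

		c.Next()
	}
}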