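using Microsoft.AspNetCore.Authorization;
using Microsoft.Extensions.Options;
using Moonlight.Shared;

namespace Moonlight.Api.Implementations;

/// <summary>
/// Authorization policy provider that builds a policy on demand for every policy name
/// starting with <see cref="Permissions.Prefix"/> and delegates every other name to the
/// framework's <see cref="DefaultAuthorizationPolicyProvider"/>.
/// </summary>
/// <remarks>
/// A policy built here carries exactly one requirement, a <see cref="PermissionRequirement"/>.
/// It does not add an authenticated-user requirement or pin authentication schemes.
/// NOTE(review): rejecting anonymous callers therefore depends on the handler that evaluates
/// <see cref="PermissionRequirement"/>, which is not part of this file. Confirm that it fails
/// closed when the caller has no identity or no matching permission.
/// </remarks>
public class PermissionPolicyProvider : IAuthorizationPolicyProvider
{
    private readonly DefaultAuthorizationPolicyProvider FallbackProvider;

    /// <summary>
    /// Creates the provider and the default provider it delegates non-permission policies to.
    /// </summary>
    /// <param name="options">Authorization options handed to the default policy provider.</param>
    public PermissionPolicyProvider(IOptions<AuthorizationOptions> options)
    {
        FallbackProvider = new DefaultAuthorizationPolicyProvider(options);
    }

    /// <summary>
    /// Resolves the policy for <paramref name="policyName"/>.
    /// </summary>
    /// <param name="policyName">
    /// Policy name taken from the authorize metadata. Names beginning with
    /// <see cref="Permissions.Prefix"/> (compared ignoring case) are treated as permission policies.
    /// </param>
    /// <returns>
    /// A policy requiring the permission identifier that follows the prefix, or whatever the
    /// default provider returns for names that are not well-formed permission policies.
    /// </returns>
    public async Task<AuthorizationPolicy?> GetPolicyAsync(string policyName)
    {
        // The prefix test and the substring offset must use the same constant. Testing a
        // literal while slicing by Permissions.Prefix.Length would cut the identifier at the
        // wrong offset (or throw) as soon as the two drift apart.
        // Presumably Permissions.Prefix is "Permission:"; its value is not visible here.
        if (!policyName.StartsWith(Permissions.Prefix, StringComparison.OrdinalIgnoreCase))
        {
            return await FallbackProvider.GetPolicyAsync(policyName);
        }

        // The identifier is passed on exactly as written. Only the prefix match ignores case.
        var identifier = policyName.Substring(Permissions.Prefix.Length);

        // A bare prefix names no permission. Do not build a requirement with an empty
        // identifier, because how the handler treats that value cannot be seen from here.
        // Delegating treats the name as an ordinary, most likely unregistered, policy instead.
        if (string.IsNullOrWhiteSpace(identifier))
        {
            return await FallbackProvider.GetPolicyAsync(policyName);
        }

        var policy = new AuthorizationPolicyBuilder();
        policy.AddRequirements(new PermissionRequirement(identifier));

        return policy.Build();
    }

    /// <summary>Returns the default policy of the underlying default provider.</summary>
    public Task<AuthorizationPolicy> GetDefaultPolicyAsync()
        => FallbackProvider.GetDefaultPolicyAsync();

    /// <summary>Returns the fallback policy of the underlying default provider.</summary>
    public Task<AuthorizationPolicy?> GetFallbackPolicyAsync()
        => FallbackProvider.GetFallbackPolicyAsync();
}

/// <summary>
/// Authorization requirement naming a single permission. It only carries the identifier;
/// the check itself is performed by an authorization handler defined elsewhere.
/// </summary>
public class PermissionRequirement : IAuthorizationRequirement
{
    /// <summary>Permission identifier, i.e. the policy name with the prefix removed.</summary>
    public string Identifier { get; }

    /// <summary>Creates a requirement for the given permission identifier.</summary>
    /// <param name="identifier">Permission identifier the caller must hold.</param>
    public PermissionRequirement(string identifier)
    {
        Identifier = identifier;
    }
}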