package usecase

import (
	"backend/pkg/permission/domain/entity"
	"context"
)

// PermissionUseCase is the permission use-case interface (backed by Casbin).
//
// It groups CRUD on permission records, access checks, and management of the
// user/role policy set. Every method takes only a context plus the target
// identifiers; none carries an explicit acting principal.
// NOTE(review): presumably the caller or the implementation derives the actor
// from ctx. Confirm that the policy- and role-mutating methods are themselves
// authorization-checked before they are reachable from a request handler.
type PermissionUseCase interface {
	// Basic permission management.
	CreatePermission(ctx context.Context, req CreatePermissionRequest) (*entity.Permission, error)
	GetPermission(ctx context.Context, id string) (*entity.Permission, error)
	UpdatePermission(ctx context.Context, req UpdatePermissionRequest) (*entity.Permission, error)
	DeletePermission(ctx context.Context, id string) error
	ListPermissions(ctx context.Context, req ListPermissionsRequest) ([]*entity.Permission, error)

	// Casbin permission checks.
	//
	// Each check returns (bool, error). Callers should fail closed: treat a
	// non-nil error as a denial and never act on the bool alone.
	//
	// Argument order here is (httpMethod, httpPath), while the Add*/Remove*
	// methods below take (httpPath, httpMethod). All of these parameters are
	// plain strings, so a swapped pair compiles without complaint.
	CheckUserPermission(ctx context.Context, uid, httpMethod, httpPath string) (bool, error)
	CheckRolePermission(ctx context.Context, roleUID, httpMethod, httpPath string) (bool, error)
	// NOTE(review): the matching semantics of pattern and action are not
	// visible in this file; confirm against the implementation.
	CheckPatternPermission(ctx context.Context, uid, pattern, action string) (bool, error)
	// BatchCheckPermissions checks several method/path pairs for one user.
	// NOTE(review): the key format of the returned map is not defined here;
	// confirm it with the implementation. Looking up an absent key yields
	// false, so a key-format mismatch reads as a denial.
	BatchCheckPermissions(ctx context.Context, uid string, permissions []PermissionCheck) (map[string]bool, error)

	// User permission management.
	//
	// NOTE(review): the meaning of the int values in the returned map is not
	// shown in this file; confirm before interpreting them.
	GetUserPermissions(ctx context.Context, uid string) (map[string]int, error)
	// Argument order is (httpPath, httpMethod), the reverse of the Check*
	// methods above.
	AddPolicyForUser(ctx context.Context, uid, httpPath, httpMethod string) error
	RemovePolicyForUser(ctx context.Context, uid, httpPath, httpMethod string) error

	// Role management.
	AddRoleForUser(ctx context.Context, uid, roleUID string) error
	RemoveRoleForUser(ctx context.Context, uid, roleUID string) error
	GetUsersForRole(ctx context.Context, roleUID string) ([]string, error)
	GetRolesForUser(ctx context.Context, uid string) ([]string, error)

	// Role permission management.
	//
	// Argument order is (httpPath, httpMethod), the reverse of the Check*
	// methods above.
	AddPermissionForRole(ctx context.Context, roleUID, httpPath, httpMethod string) error
	RemovePermissionForRole(ctx context.Context, roleUID, httpPath, httpMethod string) error
	// NOTE(review): the meaning of the int values in the returned map is not
	// shown in this file; confirm before interpreting them.
	GetPermissionsForRole(ctx context.Context, roleUID string) (map[string]int, error)

	// Policy management.
	//
	// Both methods return raw policy rows as string slices.
	// NOTE(review): presumably GetAllPolicies returns the entire policy set,
	// which describes the whole authorization model; confirm that it is only
	// exposed to administrative callers.
	GetAllPolicies(ctx context.Context) ([][]string, error)
	// NOTE(review): fieldIndex presumably selects the policy column at which
	// fieldValues start matching, as in Casbin's filtered-policy API; confirm.
	GetFilteredPolicies(ctx context.Context, fieldIndex int, fieldValues ...string) ([][]string, error)
}

// CreatePermissionRequest is the request to create a permission.
//
// HTTPMethod and HTTPPath are free-form strings and Status is a plain int;
// this type carries no validation of its own.
// NOTE(review): confirm that the implementation validates these fields before
// they become policy entries.
type CreatePermissionRequest struct {
	ParentID   *string               `json:"parent_id,omitempty"`
	Name       string                `json:"name"`
	HTTPMethod string                `json:"http_method,omitempty"`
	HTTPPath   string                `json:"http_path,omitempty"`
	Status     int                   `json:"status"`
	Type       entity.PermissionType `json:"type"`
}

// UpdatePermissionRequest is the request to update a permission.
//
// Every field except ID is a pointer.
// NOTE(review): presumably a nil pointer means "leave this field unchanged";
// confirm against the implementation.
type UpdatePermissionRequest struct {
	ID         string                 `json:"id"`
	Name       *string                `json:"name,omitempty"`
	HTTPMethod *string                `json:"http_method,omitempty"`
	HTTPPath   *string                `json:"http_path,omitempty"`
	Status     *int                   `json:"status,omitempty"`
	Type       *entity.PermissionType `json:"type,omitempty"`
}

// ListPermissionsRequest is the request to list permissions.
//
// Status, Type and ParentID are optional (pointer) fields; Limit and Skip are
// plain ints with no bounds expressed in this type.
// NOTE(review): confirm that the implementation rejects negative values and
// caps Limit, so a single request cannot ask for an unbounded listing.
type ListPermissionsRequest struct {
	Status   *int                   `json:"status,omitempty"`
	Type     *entity.PermissionType `json:"type,omitempty"`
	ParentID *string                `json:"parent_id,omitempty"`
	Limit    int                    `json:"limit"`
	Skip     int                    `json:"skip"`
}

// PermissionCheck is one permission check item: an HTTP method and path pair,
// used as the element type of BatchCheckPermissions' permissions argument.
type PermissionCheck struct {
	HTTPMethod string `json:"http_method"`
	HTTPPath   string `json:"http_path"`
}

// CasbinPolicyRequest is a Casbin policy request.
//
// It is not referenced by PermissionUseCase in this file.
type CasbinPolicyRequest struct {
	Subject string `json:"subject"` // user or role
	Object  string `json:"object"`  // resource
	Action  string `json:"action"`  // action
}

// CasbinRoleRequest is a Casbin role request.
//
// It is not referenced by PermissionUseCase in this file.
type CasbinRoleRequest struct {
	User string `json:"user"` // user
	Role string `json:"role"` // role
}