package permmatch

import (
	"strings"
)

// MethodAllowed reports whether method is covered by a pipe-separated methods string.
func MethodAllowed(methods, method string) bool {
	method = strings.ToUpper(strings.TrimSpace(method))
	if method == "" {
		return false
	}
	for _, item := range strings.Split(methods, "|") {
		if strings.ToUpper(strings.TrimSpace(item)) == method {
			return true
		}
	}
	return false
}

// PathAllowed reports whether requestPath matches pattern (exact or trailing * wildcard).
func PathAllowed(pattern, requestPath string) bool {
	pattern = strings.TrimSpace(pattern)
	requestPath = strings.TrimSpace(requestPath)
	if pattern == "" || requestPath == "" {
		return false
	}
	if pattern == requestPath {
		return true
	}
	if strings.HasSuffix(pattern, "*") {
		prefix := strings.TrimRight(strings.TrimSuffix(pattern, "*"), "/")
		if requestPath == prefix {
			return true
		}
		return strings.HasPrefix(requestPath, prefix+"/")
	}
	return false
}

// RequestAllowed checks member permission map against an HTTP request.
func RequestAllowed(permissions map[string]string, method, requestPath string) bool {
	if len(permissions) == 0 {
		return false
	}
	for pattern, methods := range permissions {
		if PathAllowed(pattern, requestPath) && MethodAllowed(methods, method) {
			return true
		}
	}
	return false
}