package repository

import (
	"context"

	"gateway/internal/model/permission/domain/entity"
)

// RolePermissionRepository manages the role↔permission catalog join.
//
// SetForRole replaces all permission IDs of a role atomically (delete +
// bulk insert). Use it when the UI submits a "edit role permissions"
// form so callers don't have to diff manually.
type RolePermissionRepository interface {
	Insert(ctx context.Context, rp *entity.RolePermission) error
	BulkInsert(ctx context.Context, rps []*entity.RolePermission) error
	DeleteByRole(ctx context.Context, tenantID, roleID string) error
	DeleteByPermission(ctx context.Context, permissionID string) (int64, error)
	SetForRole(ctx context.Context, tenantID, roleID string, permissionIDs []string) error

	ListByRole(ctx context.Context, tenantID, roleID string) ([]*entity.RolePermission, error)
	ListByRoles(ctx context.Context, tenantID string, roleIDs []string) ([]*entity.RolePermission, error)
	ListByTenant(ctx context.Context, tenantID string) ([]*entity.RolePermission, error)
}