package usecase

import (
	"context"

	"gateway/internal/model/permission/domain/entity"
	"gateway/internal/model/permission/domain/enum"
)

// AssignParam carries the fields needed to assign a role to a member.
type AssignParam struct {
	TenantID string
	UID      string
	RoleID   string
	Source   enum.RoleSource // defaults to manual when zero
}

// UserRoleSummary is what the API returns: a UserRole plus the resolved
// Role.Key/Role.DisplayName, so clients don't need a second round trip.
type UserRoleSummary struct {
	*entity.UserRole
	RoleKey         string `json:"role_key"`
	RoleDisplayName string `json:"role_display_name"`
}

// UserRoleUseCase manages user↔role assignments and exposes the building
// block used by SyncFromX provisioning flows.
type UserRoleUseCase interface {
	Assign(ctx context.Context, param *AssignParam) (*entity.UserRole, error)
	Revoke(ctx context.Context, tenantID, uid, roleID string) error
	List(ctx context.Context, tenantID, uid string) ([]*UserRoleSummary, error)
	ReplaceForSource(
		ctx context.Context,
		tenantID, uid string,
		source enum.RoleSource,
		roleKeys []string,
	) error
}