package entity

import (
	"gateway/internal/model/permission/domain/enum"

	"go.mongodb.org/mongo-driver/v2/bson"
)

// Permission is the platform-wide permission catalog node. Tenants may not
// create permissions; they pick from the catalog when assigning to roles.
//
// Tree model: Parent holds the parent ObjectID hex (or empty for root).
// Category nodes (no HTTPPath) are UI-only and never written to Casbin
// policy.
type Permission struct {
	ID          bson.ObjectID       `bson:"_id,omitempty"`
	Parent      string              `bson:"parent,omitempty"`       // parent ObjectID hex; empty = root
	Name        string              `bson:"name"`                   // dot-notation, unique platform-wide
	HTTPMethods string              `bson:"http_methods,omitempty"` // "GET" or "GET|POST|PATCH"
	HTTPPath    string              `bson:"http_path,omitempty"`    // keyMatch2 pattern, e.g. /api/v1/members/*
	Status      enum.Status         `bson:"status"`
	Type        enum.PermissionType `bson:"type"`
	CreateAt    int64               `bson:"create_at"`
	UpdateAt    int64               `bson:"update_at"`
}

// CollectionName returns the MongoDB collection for permissions.
func (Permission) CollectionName() string {
	return "permissions"
}

// IsLeaf reports whether the permission is a Casbin-enforceable leaf
// (i.e. has both http_path and http_methods set). Category nodes return
// false and are never written to policy rules.
func (p *Permission) IsLeaf() bool {
	return p != nil && p.HTTPPath != "" && p.HTTPMethods != ""
}