package middleware

import (
	"net/http"

	"cockpit/internal/domain"

	"github.com/gin-gonic/gin"
)

func RequirePerm(code string) gin.HandlerFunc {
	return func(c *gin.Context) {
		raw, ok := c.Get(CtxPermCodesKey)
		if !ok {
			c.AbortWithStatusJSON(http.StatusForbidden, domain.Fail("无权限"))
			return
		}
		perms, _ := raw.([]string)
		if hasPerm(perms, code) {
			c.Next()
			return
		}
		c.AbortWithStatusJSON(http.StatusForbidden, domain.Fail("无权限"))
	}
}

func hasPerm(codes []string, need string) bool {
	for _, c := range codes {
		if c == "admin:*" {
			return true
		}
		if c == need {
			return true
		}
	}
	return false
}