<?php

namespace App\Http\Middleware;

use App\Models\Enums\PermissionName;
use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Route;
use Spatie\Permission\Exceptions\UnauthorizedException;
use Symfony\Component\HttpFoundation\Response;

class CheckPermission
{
    /**
     * Handle an incoming request.`
     *
     * @param  \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response)  $next
     */
    public function handle(Request $request, Closure $next): Response
    {
        $permission = Route::currentRouteName();

        $this->checkout($request, $permission);

        return $next($request);
    }

    protected function checkout(Request $request, string $permission)
    {
        $permissionName = PermissionName::tryFrom($permission);

        $permissions = [];

        $subPermissionRelations = $permissionName ? $permissionName?->subPermissionRelations() : [];
        if ($subPermissionRelations) {
            $subPermissionKeys = $this->subPermissionKeys($request, $permissionName);
            throw_validation_if(!$subPermissionKeys, "Sub-permission parameter exception");

            foreach ($subPermissionKeys as $key) {
                $subPermission = $subPermissionRelations[$key] ?? null;
                throw_validation_if(! $subPermission, "Sub-permission parameter exception");

                $permissions[] = $subPermission;
            }
        } else {
            $permissions[] = $permission;
        }

        foreach ($permissions as $permission) {
            if (! Auth::user()->hasPermissionTo($permission)) {
                throw UnauthorizedException::forPermissions([$permission]);
            }
        }
    }

    protected function subPermissionKeys(Request $request, PermissionName $permissionName)
    {
        $keys = [];

        switch ($permissionName) {
            case PermissionName::CONFIG_INDEX:
                $keys = $request->get("group", []);
                break;
            case PermissionName::CONFIG_SETTING:
                $keys = array_column($request->all(), 'group');
                break;
        }

        return array_unique($keys);
    }
}