using cuqmbr.TravelGuide.Application.Common.Authorization;
using cuqmbr.TravelGuide.Application.Common.Persistence;
using cuqmbr.TravelGuide.Application.Common.Services;
using MediatR.Behaviors.Authorization;

namespace cuqmbr.TravelGuide.Application.Aircrafts.Queries.GetAircraft;

public class GetAircraftQueryAuthorizer :
    AbstractRequestAuthorizer<GetAircraftQuery>
{
    private readonly SessionUserService _sessionUserService;
    private readonly UnitOfWork _unitOfWork;

    public GetAircraftQueryAuthorizer(
        SessionUserService sessionUserService,
        UnitOfWork unitOfWork)
    {
        _sessionUserService = sessionUserService;
        _unitOfWork = unitOfWork;
    }

    public override void BuildPolicy(GetAircraftQuery request)
    {
        UseRequirement(new MustBeAuthenticatedRequirement
        {
            IsAuthenticated = _sessionUserService.IsAuthenticated
        });

        var vehicel = _unitOfWork.VehicleRepository
            .GetOneAsync(
                e => e.Guid == request.Guid, e => e.Company.Account,
                CancellationToken.None)
            .Result;

        UseRequirement(new MustBeObjectOwnerOrAdminRequirement
        {
            UserRoles = _sessionUserService.Roles,
            RequiredGuid = vehicel?.Company.Account.Guid,
            UserGuid = _sessionUserService.Guid
        });
    }
}