package authorization

import (
	"fmt"

	"bitbucket.org/nemt/nemt-portal-api/application/viewmodel"
)

const (
	superAdmin       = "AD"
	scheduler        = "SP"
	support          = "SPT"
	member           = "US"
	brighterDevAdmin = "BDCAD"
	bcbsiAdmin       = "BCBSIAD"
	planAdmin        = "PLANAD"
	providerAdmin    = "SCHDAD"
)

func grabProfileFromUser(user viewmodel.User) (viewmodel.Profile, error) {
	if len(user.Profiles) < 1 {
		return viewmodel.Profile{}, fmt.Errorf("User has no profiles %v", user)
	}
	return user.Profiles[0], nil
}

func morePrivileged(who viewmodel.Profile, towardsWhom viewmodel.Profile) bool {
	order := []string{superAdmin, brighterDevAdmin, bcbsiAdmin, planAdmin, providerAdmin, support, scheduler, member}
	for _, value := range order {
		if value == who.Key {
			return true
		}

		if value == towardsWhom.Key {
			return false
		}
	}
	// should hapen only in case profile key is empty
	// and that's something fishy so let's deny!
	return false
}

func equallyOrMorePrivileged(who viewmodel.Profile, towardsWhom viewmodel.Profile) bool {
	if who.Key == towardsWhom.Key {
		return true
	}

	return morePrivileged(who, towardsWhom)

}

func lessPrivilegedThanAdmin(who viewmodel.Profile) bool {
	switch who.Key {
	case member:
		return true
	case scheduler:
		return true
	case support:
		return true
	}
	return false
}