package middleware

import (
	"github.com/gin-gonic/gin"
	"mc-client-updater-server/internal/service"
	"mc-client-updater-server/pkg/result"
	"strings"
)

func AdminRequired(c *gin.Context) {
	res := result.NewResult(c)
	authorization := c.GetHeader("Authorization")
	if authorization == "" {
		res.Unauthorized()
		return
	}

	split := strings.Split(authorization, " ")
	if len(split) <= 1 || (len(split) >= 2 && split[0] != "Bearer") {
		res.BadRequest()
		return
	}

	tokenSrv := service.NewTokenService(c)
	token := split[1]
	tokenRow, ok := tokenSrv.VerifyToken(token)
	// 若!ok，则返回值已被service处理，无需再次返回
	if !ok {
		return
	}

	userSrv := service.NewUserService(c)
	hasRole := userSrv.JudgeRoleByToken("ROLE_admin", tokenRow)
	if !hasRole {
		res.NoPermission()
		return
	}
	c.Next()
}