<?php

namespace app\middleware;

use app\support\AdminAuthService;
use Webman\Http\Request;
use Webman\Http\Response;
use Webman\MiddlewareInterface;

class AdminAuthMiddleware implements MiddlewareInterface
{
    public function process(Request $request, callable $handler): Response
    {
        $path = $request->path();
        if (!str_starts_with($path, '/api/admin')) {
            return $handler($request);
        }

        if (in_array($path, ['/api/admin/ping', '/api/admin/auth/login'], true)) {
            return $handler($request);
        }

        $authService = new AdminAuthService();
        $adminInfo = $authService->current($request);
        if (!$adminInfo) {
            return api_error('未登录或登录已过期', 401);
        }

        $permissionCode = $this->permissionCode($path);
        if ($permissionCode !== '' && !$authService->hasPermission($adminInfo, $permissionCode)) {
            return api_error('无权访问该后台功能', 403);
        }

        $request->setHeader('x-admin-id', (string)$adminInfo['id']);
        $request->setHeader('x-admin-name', (string)$adminInfo['name']);

        return $handler($request);
    }

    private function permissionCode(string $path): string
    {
        return match (true) {
            str_starts_with($path, '/api/admin/dashboard') => 'dashboard.view',
            str_starts_with($path, '/api/admin/orders'),
            str_starts_with($path, '/api/admin/order/') => 'orders.manage',
            str_starts_with($path, '/api/admin/appraisal-tasks'),
            str_starts_with($path, '/api/admin/appraisal-task/') => 'appraisal_tasks.manage',
            str_starts_with($path, '/api/admin/catalog/') => 'catalog.manage',
            str_starts_with($path, '/api/admin/reports'),
            str_starts_with($path, '/api/admin/report/') => 'reports.manage',
            str_starts_with($path, '/api/admin/messages') => 'messages.manage',
            str_starts_with($path, '/api/admin/tickets'),
            str_starts_with($path, '/api/admin/ticket/') => 'tickets.manage',
            str_starts_with($path, '/api/admin/users'),
            str_starts_with($path, '/api/admin/user/') => 'users.manage',
            str_starts_with($path, '/api/admin/customers'),
            str_starts_with($path, '/api/admin/customer/') => 'customers.manage',
            str_starts_with($path, '/api/admin/warehouses'),
            str_starts_with($path, '/api/admin/warehouse/') => 'warehouses.manage',
            str_starts_with($path, '/api/admin/material/') => 'materials.manage',
            str_starts_with($path, '/api/admin/access/') => 'access.manage',
            str_starts_with($path, '/api/admin/content/') => 'system.manage',
            str_starts_with($path, '/api/admin/system-configs') => 'system.manage',
            str_starts_with($path, '/api/admin/auth/me'),
            str_starts_with($path, '/api/admin/auth/logout') => '',
            default => '',
        };
    }
}