// Code scaffolded by goctl. Safe to edit.
// goctl 1.10.1

package user

import (
	"context"

	authHelper "perms-system-server/internal/logic/auth"
	"perms-system-server/internal/middleware"
	"perms-system-server/internal/response"
	"perms-system-server/internal/svc"
	"perms-system-server/internal/types"

	"github.com/zeromicro/go-zero/core/logx"
)

type GetUserPermsLogic struct {
	logx.Logger
	ctx    context.Context
	svcCtx *svc.ServiceContext
}

func NewGetUserPermsLogic(ctx context.Context, svcCtx *svc.ServiceContext) *GetUserPermsLogic {
	return &GetUserPermsLogic{
		Logger: logx.WithContext(ctx),
		ctx:    ctx,
		svcCtx: svcCtx,
	}
}

// GetUserPerms 查询用户在当前产品下的个性化权限覆盖项（仅 sys_user_perm 的 ALLOW/DENY 行，不含角色继承权限）。
// 访问控制：超管不限；本人可查自己；其余调用者须是产品 ADMIN，且权限等级须高于目标用户。
// 审计 L-R13-1：RequireProductAdminFor 在任何实体读取前调用，防止普通 MEMBER 通过响应差异枚举 userId 存在性。
func (l *GetUserPermsLogic) GetUserPerms(req *types.GetUserPermsReq) (resp *types.GetUserPermsResp, err error) {
	caller := middleware.GetUserDetails(l.ctx)
	if caller == nil {
		return nil, response.ErrUnauthorized("未登录")
	}

	productCode := middleware.GetProductCode(l.ctx)

	isSelf := caller.UserId == req.UserId
	if !caller.IsSuperAdmin && !isSelf {
		// 审计 L-R13-1：先鉴权再读实体，避免枚举 userId。
		if err := authHelper.RequireProductAdminFor(l.ctx, productCode); err != nil {
			return nil, err
		}
		if err := authHelper.CheckManageAccess(l.ctx, l.svcCtx, req.UserId, productCode); err != nil {
			return nil, err
		}
	}

	rows, err := l.svcCtx.SysUserPermModel.FindByUserIdForProduct(l.ctx, req.UserId, productCode)
	if err != nil {
		return nil, err
	}

	perms := make([]types.UserPermItem, 0, len(rows))
	for _, r := range rows {
		perms = append(perms, types.UserPermItem{
			PermId: r.PermId,
			Effect: r.Effect,
		})
	}
	return &types.GetUserPermsResp{Perms: perms}, nil
}