//nolint:dupl
package rulesengine

import (
	"context"
	"errors"
	"fmt"
)

// Add privilege updates the dataset with given names. returns a list of
// values where the values remain unchanged in the dataset.
func (reng RulesEngine) AddPrivileges(ctx context.Context, privileges []PostPrivilegePayload) (AddNameResult, error) {
	// validation
	if len(privileges) == 0 {
		return AddNameResult{}, fmt.Errorf("empty privilege list")
	}
	if len(privileges) > maxPrivileges {
		return AddNameResult{}, fmt.Errorf("total number of privileges %d exceeds max %d", len(privileges), maxPrivileges)
	}
	var retErr error
	for i, privilege := range privileges {
		if err := privilege.Validate(); err != nil {
			retErr = errors.Join(retErr, fmt.Errorf("invalid privilege at %d: %w", i, err))
		}
	}
	if retErr != nil {
		return AddNameResult{}, retErr
	}
	privs := []string{}
	for _, priv := range privileges {
		privs = append(privs, priv.Name)
	}
	return reng.ds.AddPrivileges(ctx, privs)
}

func (reng RulesEngine) DeletePrivilege(ctx context.Context, name string) (DeleteResult, error) {
	//validation
	if name == "" {
		return DeleteResult{}, fmt.Errorf("empty privilege name")
	}
	return reng.ds.DeletePrivilege(ctx, name)
}

func (reng RulesEngine) ReadPrivileges(ctx context.Context) ([]Privilege, error) {
	return reng.ds.ReadAllPrivileges(ctx)
}

func (reng RulesEngine) ReadPrivilegesWithFilter(ctx context.Context, filter []string) ([]Privilege, error) {
	return reng.ds.ReadPrivilegesWithFilter(ctx, filter)
}

func (reng RulesEngine) ReadPrivilege(ctx context.Context, name string) (Privilege, error) {
	//validation
	if name == "" {
		return Privilege{}, fmt.Errorf("empty privilege name")
	}
	return reng.ds.ReadPrivilege(ctx, name)
}