import HttpCodes from "@Common/system/controller-pattern/HttpCodes";
import { NextFunction, Request, Response } from "express";

export default async function ruleHandler(req: Request, response: Response, next: NextFunction) {
	try {
		const rules = req.body.user.rules;
		const service = req.path && req.path.split("/")[4];

		if (!rules) {
			response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized without rules");
			return;
		}

		if (!rules.includes(req.method + " " + service)) {
			response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with those rules");
			return;
		}

		next();
	} catch (error) {
		console.error(error);
		response.status(HttpCodes.INTERNAL_ERROR).send("Internal server error");
		return;
	}
}