<?php

namespace App\Models\Policies;

use Illuminate\Auth\Access\HandlesAuthorization;

use App\Models\{System,User};

/**
 * This handles updating system records
 *
 * Authorisation is defined by function_role_only, where
 * - function = create,delete,update
 * - role = admin,zc,rc,nc,hc,nn,pt
 * - only = only that role can do (no hierarchy permission)
 *   ie:
 *   - admin - only site admin can do (user = admin)
 *   - zc - only ZC can perform (user has an address that is a ZC)
 *   - rc - only RC (or ZC) ...
 *   - hc - only HC (or ZC/RC) ...
 *   - nn - only NN (or ZC/RC/HC) ...
 *   - pt - only PT (or ZC/RC/HC/NN) ...
 */
class SystemPolicy
{
	use HandlesAuthorization;

	public function admin(User $user, System $system): bool
	{
		// Site Admins can always create
		// If it doesnt exist, then a user can create it.
		return ($user->isAdmin() || (! $system->exists));
	}

	/**
	 * Determine whether the user can create the model.
	 *
	 * A user can create a system if it doesnt exist.
	 *
	 * @param User $user
	 * @param System $system
	 * @return bool
	 */
	public function create(User $user, System $system): bool
	{
		// Site Admins can always create
		// If it doesnt exist, then a user can create it.
		return ($user->isAdmin() || (! $system->exists));
	}

	/**
	 * Can the user register this system
	 *
	 * @param User $user
	 * @param System $system
	 * @return bool
	 */
	public function register(User $user,System $system): bool
	{
		return ! $system->users->count() || $system->users->has($user);
	}

	/**
	 * Determine whether the user can update the model.
	 *
	 * A user can update a system if they are the user of it and it has no addresses.
	 * If it has addresses, at least one of the addresses must have been validated.
	 * (The assumption is, if a system has multiple addresses, they would be valid, or an admin can remove them.)
	 *
	 * @param User $user
	 * @param System $system
	 * @return bool
	 */
	public function update_nn(User $user,System $system): bool
	{
		// Site Admins can always edit
		if ($user->isAdmin())
			return TRUE;

		// If it doesnt exist, then its a true (they are creating it).
		if (! $system->exists)
			return TRUE;

		// @todo Permit ZC, RC, NC, HUB user

		return $system->users->contains($user) && $system->akas->count();
	}
}