package middleware

import (
	"context"
	"log"
	"net/http"
	"ordr-api/dto"

	"github.com/gin-gonic/gin"
	"github.com/jackc/pgx/v5/pgxpool"
)

func IsAdmin(pool *pgxpool.Pool) gin.HandlerFunc {
	return func(ctx *gin.Context) {
		conn, conn_err := pool.Acquire(ctx)

		if conn_err != nil {
			log.Println(conn_err)
			ctx.AbortWithStatus(http.StatusInternalServerError)
			return
		}
		defer conn.Release()

		user_profile, _ := ctx.Get("user_profile")

		var is_admin bool

		query_err := conn.QueryRow(context.Background(), "SELECT is_admin FROM ordr_user WHERE sub_id = $1", user_profile.(dto.UserProfileResponse).Sub).Scan(&is_admin)

		if query_err != nil {
			log.Println(query_err)
			ctx.AbortWithStatus(http.StatusInternalServerError)
		}

		if is_admin != true {
			ctx.AbortWithStatus(http.StatusUnauthorized)
		}

		ctx.Next()
	}
}