package rpc

import (
	context "context"

	"github.com/cedar-policy/cedar-go"
	"gitlab.com/mokhax/spike/pkg/policies"
)

type AbilityHandler struct {
	UnimplementedAbilityServer
}

func NewAbilityHandler() *AbilityHandler {
	return &AbilityHandler{}
}

func (h *AbilityHandler) Allowed(ctx context.Context, req *AllowRequest) (*AllowReply, error) {
	ok := policies.Allowed(cedar.Request{
		Principal: cedar.NewEntityUID("User", cedar.String(req.Subject)),
		Action:    cedar.NewEntityUID("Action", cedar.String(req.Permission)),
		Resource:  cedar.NewEntityUID("Album", cedar.String(req.Resource)),
		Context:   cedar.NewRecord(cedar.RecordMap{}),
	})
	return &AllowReply{Result: ok}, nil
}