package rpc

import (
	context "context"

	"github.com/cedar-policy/cedar-go"
	"gitlab.com/mokhax/spike/pkg/gid"
	"gitlab.com/mokhax/spike/pkg/policies"
)

type AbilityService struct {
	UnimplementedAbilityServer
}

func NewAbilityService() *AbilityService {
	return &AbilityService{}
}

func (h *AbilityService) Allowed(ctx context.Context, req *AllowRequest) (*AllowReply, error) {
	ok := policies.Allowed(cedar.Request{
		Principal: gid.NewEntityUID(req.Subject),
		Action:    cedar.NewEntityUID("Permission", cedar.String(req.Permission)),
		Resource:  gid.NewEntityUID(req.Resource),
		Context:   cedar.NewRecord(cedar.RecordMap{}),
	})
	return &AllowReply{Result: ok}, nil
}