app/services/rights/abilitiesUtils.ts

import {$roleUtils} from '~/services/rights/roleUtils'
import {AbilitiesType} from '~/types/interfaces'
import YamlDenormalizer from "~/services/data/serializer/denormalizer/yamlDenormalizer";
import {MongoAbility} from "@casl/ability/dist/types/Ability";
import {AnyJson} from "~/types/data";
import {useAccessProfileStore} from "~/stores/accessProfile";
import {useOrganizationProfileStore} from "~/stores/organizationProfile";

/**
 * Classe permettant de mener des opérations sur les habilités
 */
class AbilitiesUtils {
    private readonly $ability: MongoAbility = {} as MongoAbility

    /**
     * @constructor
     */
    constructor(ability: MongoAbility) {
        this.$ability = ability
    }

    /**
     * Définit les abilities de l'utilisateur à chaque fois qu'on met à jour son profile
     */
    setAbilities() {
        const accessProfileStore = useAccessProfileStore()
        const organizationProfileStore = useOrganizationProfileStore()

        // Nécessaire pour que l'update des habilités soit correcte après la phase SSR
        this.$ability.update(accessProfileStore.abilities)

        // Au moment où l'on effectue un SetProfile, il faut aller récupérer
        // les différentes habilités que l'utilisateur peut effectuer. (Tout cela se passe en SSR)
        const unsubscribe = organizationProfileStore.$onAction(({
                name, // name of the action
                store, // store instance, same as `someStore`
                args, // array of parameters passed to the action
                after, // hook after the action returns or resolves
                onError, // hook if the action throws or rejects
            }) => {
            after((result)=>{
                if(name === 'setProfile'){
                    //On récupère les abilités
                    const abilities: Array<AbilitiesType> = this.getAbilities();

                    //On les store puis on update le service ability pour le mettre à jour.
                    accessProfileStore.abilities = abilities
                    this.$ability.update(abilities)
                    // Unsubscribe pour éviter les memory leaks
                    unsubscribe()
                }
            })
        })
    }

    /**
     * Récupération de l'ensemble des abilities, qu'elles soient par Roles ou par Config
     *
     * @return {Array<AbilitiesType>}
     */
    getAbilities(): Array<AbilitiesType> {
        const accessProfileStore = useAccessProfileStore()
        const abilitiesByRoles: Array<AbilitiesType> = this.getAbilitiesByRoles(accessProfileStore.roles)
        this.$ability.update(abilitiesByRoles)
        return abilitiesByRoles.concat(this.getAbilitiesByConfig('./config/abilities/config.yaml'))
    }

    /**
     * Adaptation et transformations des roles en abilities
     *
     * @param {Array<string>} roles
     * @return {Array<AbilitiesType>}
     */
    getAbilitiesByRoles(roles: Array<string>): Array<AbilitiesType> {
        roles = $roleUtils.transformUnderscoreToHyphenBeforeCompleteMigration(roles)
        return $roleUtils.transformRoleToAbilities(roles)
    }

    /**
     * - Parcourt la config d'abilities en Yaml
     * - filtres la config pour ne garder que les abilities autorisées
     * - transform la config restante en Object Abilities
     * @param {string} configPath
     * @return {Array<AbilitiesType>}
     */
    getAbilitiesByConfig(configPath: string): Array<AbilitiesType> {
        let abilitiesByConfig: Array<AbilitiesType> = []
        try {
            const doc = YamlDenormalizer.denormalize({path: configPath})
            const abilitiesAvailable = doc.abilities
            const abilitiesFiltered = this.abilitiesAvailableFilter(abilitiesAvailable)
            abilitiesByConfig = this.transformAbilitiesConfigToAbility(abilitiesFiltered)
        } catch (e: any) {
            throw new Error(e.message)
        }
        return abilitiesByConfig
    }

    /**
     * Filtre toutes les abilities possible suivant si l'utilisateur est autorisé ou non à les posséder
     *
     * @param {AnyJson} abilitiesAvailable
     * @return {AnyJson}
     */
    abilitiesAvailableFilter(abilitiesAvailable: AnyJson): AnyJson {
        return usePickBy(abilitiesAvailable, (ability: any) => {
            const services = ability.services
            return this.canHaveTheAbility(services)
        })
    }

    /**
     * Transform une config d'abilities en un tableau d'Abilities
     *
     * @param {AnyJson} abilitiesAvailable
     * @return {Array<AbilitiesType>}
     */
    transformAbilitiesConfigToAbility(abilitiesAvailable: AnyJson): Array<AbilitiesType> {
        const abilitiesByConfig: Array<AbilitiesType> = []
        useEach(abilitiesAvailable, (ability, subject) => {
            const myAbility: AbilitiesType = {
                action: ability.action,
                subject
            }
            abilitiesByConfig.push(myAbility)
        })
        return abilitiesByConfig
    }

    /**
     * Parcourt les fonctions par services et établit si oui ou non l'habilité est autorisée
     *
     * @return {boolean}
     * @param functionByservices
     */
    canHaveTheAbility(functionByservices: AnyJson) {
        let hasAbility: boolean = true;
        useEach(functionByservices, (functions, service) => {
            if (hasAbility) {
                const nbFunctions: number = functions.length
                let cmpt: number = 0

                while (hasAbility && nbFunctions > cmpt) {
                    const f: string = functions[cmpt]['function'];
                    const parameters: any = functions[cmpt]['parameters'] ?? null;
                    const result: boolean = functions[cmpt]['result'] ?? true;

                    // TODO : à revoir
                    hasAbility = result !== null ? this.factory[service].handler()[f](parameters) == result : this.factory[service].handler()[f](parameters)
                    cmpt++
                }
            }
        })
        return hasAbility
    }
}

export const $abilitiesUtils = (ability: MongoAbility) => new AbilitiesUtils(ability)