import { FreshContext, MiddlewareHandler } from "$fresh/server.ts";
import {
  AppProperties,
  AuthenticatedState,
} from "$root/defaults/interfaces.ts";

export const handler: MiddlewareHandler<AuthenticatedState>[] = [
  /**
   * Get all available pages for current user.
   * @param request The HTTP incomming request.
   * @param context The Fresh context object with custom `AuthenticatedState`.
   * @returns The response from the next middleware.
   */
  async function getAllAvailablePages(
    request: Request,
    context: FreshContext<AuthenticatedState>,
  ): Promise<Response> {
    const pathname = new URL(request.url).pathname;
    const currentApp = pathname.split("/")[1];
    const properties: AppProperties = (await import(
      `./${currentApp}/(_props)/props.ts`
    )).default;

    const isStudent =
      context.state.session.eduPersonPrimaryAffiliation === "student";
    const isLocal = Deno.env.get("LOCAL") === "true";

    // Block students from accessing employeeOnly modules entirely
    if (isStudent && properties.employeeOnly) {
      return new Response(null, { status: 403 });
    }

    context.state.availablePages = { ...properties.pages };

    if (isStudent) {
      // Students only see studentOnly pages (+ non-restricted pages)
      properties.adminOnly.forEach((page) =>
        delete context.state.availablePages[page]
      );
    } else if (isLocal) {
      // In local mode, employees see all pages (admin + student)
    } else {
      // In prod, employees don't see studentOnly pages
      properties.studentOnly?.forEach((page) =>
        delete context.state.availablePages[page]
      );
    }

    return await context.next();
  },
];