import { workspaceMemberRepo } from '@/lib/database/repositories/workspace-member.repo'
import { getEffectiveWorkspaceRole, roleAllowsAccess, type WorkspaceAccess } from './workspace-access'

export interface AccessibleWorkspaceSummary {
  id: string
  path: string
  last_opened_at: string
}

export function listAccessibleWorkspaces(userId?: string): AccessibleWorkspaceSummary[] {
  const rows = userId
    ? workspaceMemberRepo.listAccessibleByUser(userId)
    : workspaceMemberRepo.listAll()
  return rows.map(row => ({ id: row.id, path: row.path, last_opened_at: row.lastOpenedAt }))
}

export function getMostRecentAccessibleWorkspace(userId?: string): { id: string } | undefined {
  const workspace = listAccessibleWorkspaces(userId)[0]
  return workspace ? { id: workspace.id } : undefined
}

export function getAccessibleWorkspaceByPath(projectPath: string, userId?: string): { id: string } | undefined {
  if (!userId) {
    return workspaceMemberRepo.findIdByPath(projectPath)
  }
  return workspaceMemberRepo.findIdByPath(projectPath, userId)
}

export function userCanAccessWorkspace(
  workspaceId: string,
  userId: string | undefined,
  minimumAccess: WorkspaceAccess = 'read',
): boolean {
  if (!userId) return true
  if (workspaceId === '__global__') return true

  const workspace = workspaceMemberRepo.findDetailForAuth(workspaceId)
  if (!workspace) return false

  const direct = workspaceMemberRepo.findRoleByWorkspaceAndUser(workspace.id, userId)

  const role = getEffectiveWorkspaceRole({
    userId,
    workspaceOwnerUserId: workspace.ownerUserId,
    workspaceDirectRole: direct ?? null,
  })
  return roleAllowsAccess(role, minimumAccess)
}
