import { Role } from '@/types/auth';

export const PERMISSIONS = {
  // User permissions
  VIEW_DASHBOARD: 'view_dashboard',
  VIEW_CONTACTS: 'view_contacts',
  MANAGE_CONTACTS: 'manage_contacts',
  VIEW_CONVERSATIONS: 'view_conversations',
  SEND_MESSAGES: 'send_messages',
  VIEW_OPPORTUNITIES: 'view_opportunities',
  MANAGE_OPPORTUNITIES: 'manage_opportunities',
  VIEW_REPORTS: 'view_reports',

  // Admin permissions
  VIEW_ALL_USERS: 'view_all_users',
  MANAGE_USERS: 'manage_users',
  VIEW_SETTINGS: 'view_settings',
  MANAGE_SETTINGS: 'manage_settings',
  VIEW_AUDIT_LOG: 'view_audit_log',

  // Super Admin permissions
  MANAGE_API_KEYS: 'manage_api_keys',
  MANAGE_SYSTEM: 'manage_system',
  IMPERSONATE_USER: 'impersonate_user',
} as const;

export type Permission = typeof PERMISSIONS[keyof typeof PERMISSIONS];

export const ROLE_PERMISSIONS: Record<Role, Permission[]> = {
  USER: [
    PERMISSIONS.VIEW_DASHBOARD,
    PERMISSIONS.VIEW_CONTACTS,
    PERMISSIONS.MANAGE_CONTACTS,
    PERMISSIONS.VIEW_CONVERSATIONS,
    PERMISSIONS.SEND_MESSAGES,
    PERMISSIONS.VIEW_OPPORTUNITIES,
    PERMISSIONS.MANAGE_OPPORTUNITIES,
    PERMISSIONS.VIEW_REPORTS,
  ],
  ADMIN: [
    // All USER permissions
    PERMISSIONS.VIEW_DASHBOARD,
    PERMISSIONS.VIEW_CONTACTS,
    PERMISSIONS.MANAGE_CONTACTS,
    PERMISSIONS.VIEW_CONVERSATIONS,
    PERMISSIONS.SEND_MESSAGES,
    PERMISSIONS.VIEW_OPPORTUNITIES,
    PERMISSIONS.MANAGE_OPPORTUNITIES,
    PERMISSIONS.VIEW_REPORTS,
    // Plus ADMIN permissions
    PERMISSIONS.VIEW_ALL_USERS,
    PERMISSIONS.MANAGE_USERS,
    PERMISSIONS.VIEW_SETTINGS,
    PERMISSIONS.VIEW_AUDIT_LOG,
  ],
  SUPER_ADMIN: [
    // All permissions
    ...Object.values(PERMISSIONS),
  ],
};

export function hasPermission(role: Role, permission: Permission): boolean {
  return ROLE_PERMISSIONS[role]?.includes(permission) ?? false;
}

export function hasAnyPermission(role: Role, permissions: Permission[]): boolean {
  return permissions.some(p => hasPermission(role, p));
}

export function hasAllPermissions(role: Role, permissions: Permission[]): boolean {
  return permissions.every(p => hasPermission(role, p));
}

export function isAdmin(role: Role): boolean {
  return role === 'ADMIN' || role === 'SUPER_ADMIN';
}

export function isSuperAdmin(role: Role): boolean {
  return role === 'SUPER_ADMIN';
}