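# Base controller for the Support API.
#
# Every action runs two before_action filters, in order:
#   1. authenticate_request! - a shared API key plus a per-user token, all read from request headers
#      ('key', 'uid', 'client', 'access-token').
#   2. require_permissions!  - the user's permissions for this controller's `area`.
#
# Rails halts the filter chain once a filter renders, so require_permissions! is only reached
# after authentication passed (assuming render_error renders a response; it is not defined in
# this file, presumably it comes from ResponseMethods).
class Support::ApplicationController < ActionController::API
  include ResponseMethods
  include ApplicationHelper

  before_action :authenticate_request!
  before_action :require_permissions!

  private
    # Rejects the request unless both the shared API key and the caller's token check out.
    # The API key is checked first, so no token lookup happens for callers without a valid key.
    #
    # NOTE(review): `token` is looked up with `user: current_user`; when the 'uid' header does not
    # resolve to a user this becomes a lookup with a nil user. Confirm Support::Token rows always
    # carry a user.
    def authenticate_request!
      return if validate_api_key && token&.validate_token(headers['access-token'])

      render_error :forbidden, errors: 'Not Authenticated'
    end

    # @return [Support::User, nil] the user named by the 'uid' header. The header value is
    #   caller-supplied, so this is only an identity claim until the token has been validated.
    #   A nil result is memoized as nil and therefore looked up again on the next call.
    def current_user
      @current_user ||= Support::User.find_by(id: headers['uid'])
    end

    # @return [Support::Token, nil] the token stored for current_user and the 'client' header.
    def token
      @token ||= Support::Token.find_by(user: current_user, client: headers['client'])
    end

    # @return [Support::Permission] the permission record for current_user; a new, unsaved record
    #   is built when none exists. The method name is misspelled ("curret"); it is left as is
    #   because code outside this file may call it.
    def curret_user_permissions
      @curret_user_permissions ||= Support::Permission.find_or_initialize_by(user: current_user)
    end

    # Checks the 'key' request header against the configured support API key.
    #
    # @return [Boolean] true only when a key is configured and the header matches it.
    def validate_api_key
      expected = Rails.application.secrets.support_api_key.to_s
      # Fail closed: with no key configured, a request that simply omits the header would
      # otherwise pass, because nil == nil.
      return false if expected.empty?

      # Constant-time comparison so response timing does not reveal how much of the key matched.
      # to_s keeps a missing header from raising inside secure_compare.
      ActiveSupport::SecurityUtils.secure_compare(headers['key'].to_s, expected)
    end

    # Shorthand for the incoming request headers.
    def headers
      request.headers
    end

    # Rotates the token and publishes the new credentials in the response headers.
    # Nothing is done for tokens that report is_batch? or reuse_token?. The refresh and save run
    # inside with_lock, and the response headers are only updated when the save succeeds.
    # Not registered as a callback in this file; callers are expected to have authenticated first,
    # since `token` must be non-nil here.
    def refresh_token
      return if token.is_batch? || token.reuse_token?

      token.with_lock do
        token.refresh

        response.headers.merge!(token.auth_headers) if token.save
      end
    end

    # Rejects the request unless current_user holds one of `permissions` for `area`.
    def require_permissions!
      # Safe navigation keeps this filter fail-closed (403 instead of NoMethodError) if it ever
      # runs without a resolved user, e.g. in a subclass that skips authenticate_request!.
      return if current_user&.has_permissions?(area, permissions)

      render_error :forbidden, errors: 'Permission Required'
    end

    # @return [Array<String>] permission levels that allow the current action: any level for the
    #   read-only actions index and show, 'write' or 'manage' for everything else.
    def permissions
      if %w[index show].include?(action_name)
        %w[read write manage]
      else
        %w[write manage]
      end
    end

    # Permission area passed to has_permissions?. Returns nil here; presumably subclasses
    # override it with their own area - confirm how has_permissions? treats a nil area.
    def area
      nil
    end
end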
