using Microsoft.AspNetCore.Http;
using NPin.Framework.Core.Extensions;
using NPin.Framework.Upms.Domain.Shared.Consts;
using Volo.Abp.DependencyInjection;
using Volo.Abp.Users;

namespace NPin.Framework.Upms.Domain.Authorization;

/// <summary>
/// 默认权限处理器
/// </summary>
public class DefaultPermissionHandler : IPermissionHandler, ITransientDependency
{
    private readonly ICurrentUser _currentUser;
    private readonly IHttpContextAccessor _httpContextAccessor;

    public DefaultPermissionHandler(ICurrentUser currentUser, IHttpContextAccessor httpContextAccessor)
    {
        _currentUser = currentUser;
        _httpContextAccessor = httpContextAccessor;
    }

    public bool IsPass(string permission)
    {
        var permissions = _httpContextAccessor.HttpContext.GetUserPermissions(TokenTypeConst.Permission);

        // 超级管理员
        if (permissions.Contains("*:*:*"))
        {
            return true;
        }

        return permissions.Contains(permission);
    }
}