package moe.ymc.acron.auth;

import moe.ymc.acron.jvav.Pair;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.jetbrains.annotations.NotNull;

public class PolicyChecker {
    private static final Logger LOGGER = LogManager.getLogger();

    public static Pair<Action, Boolean> check(@NotNull Client client,
                             @NotNull String command) {
        final String commandToMatch = command.startsWith("/") ?
                command.substring(1) :
                command;
        for (int i = 0; i < client.rules().length; i++) {
            final Rule rule = client.rules()[i];
            if (rule.cmdPattern().matcher(commandToMatch).matches()) {
                if (rule.action() == Action.DENY) {
                    LOGGER.warn("The command from client {}, `{}`, was " +
                                    "explicitly denied by rule #{} (starting from 1).",
                            client.id(),
                            command,
                            i + 1);
                } else {
                    LOGGER.warn("The command from client {}, `{}`, was " +
                                    "explicitly allowed by rule #{} (starting from 1).",
                            client.id(),
                            command,
                            i + 1);
                }
                return new Pair<>(rule.action(), rule.display());
            }
        }
        LOGGER.warn("The command from client {}, `{}`, was " +
                "implicitly {} by the default policy mode.",
                client.id(),
                command,
                client.policyMode() == Action.ALLOW ? "allowed" : "denied");
        return new Pair<>(client.policyMode() == Action.ALLOW ? Action.ALLOW : Action.DENY, false);
    }
}