package org.gcube.informationsystem.resourceregistry.contexts.security;

import java.util.UUID;

import org.gcube.informationsystem.resourceregistry.api.exceptions.ResourceRegistryException;
import org.gcube.informationsystem.resourceregistry.contexts.ContextUtility;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * @author Luca Frosini (ISTI - CNR)
 */
public class ContextSecurityContext extends SecurityContext {
	
	private static Logger logger = LoggerFactory.getLogger(SecurityContext.class);
	
	private static final String CONTEXT_SECURITY_CONTEXT;
	private static final UUID CONTEXT_SECURITY_CONTEXT_UUID;
	
	static {
		CONTEXT_SECURITY_CONTEXT = "ffffffff-ffff-ffff-ffff-ffffffffffff";
		CONTEXT_SECURITY_CONTEXT_UUID = UUID.fromString(CONTEXT_SECURITY_CONTEXT);
	}
	
	private static ContextSecurityContext instance;
	
	public static ContextSecurityContext getInstance() throws ResourceRegistryException {
		if(instance==null) {
			instance = new ContextSecurityContext();
			ContextUtility contextUtility = ContextUtility.getInstance();
			contextUtility.addSecurityContext(CONTEXT_SECURITY_CONTEXT, instance);
		}
		return instance;
	}
	
	private ContextSecurityContext() throws ResourceRegistryException {
		super(CONTEXT_SECURITY_CONTEXT_UUID, false);
	}
	
	@Override
	protected Role addExtraRules(Role role, PermissionMode permissionMode) {
		logger.trace("Adding extra rules for {}", role.getName());
		switch(permissionMode) {
			case WRITER:
				role.addRule(Rule.ResourceGeneric.CLUSTER, null, Role.PERMISSION_ALL);
				role.addRule(Rule.ResourceGeneric.SYSTEM_CLUSTERS, null, Role.PERMISSION_ALL);
				role.addRule(Rule.ResourceGeneric.CLASS, null, Role.PERMISSION_ALL);
				break;
			
			case READER:
				role.addRule(Rule.ResourceGeneric.CLUSTER, null, Role.PERMISSION_READ);
				role.addRule(Rule.ResourceGeneric.SYSTEM_CLUSTERS, null, Role.PERMISSION_READ);
				role.addRule(Rule.ResourceGeneric.CLASS, null, Role.PERMISSION_READ);
				break;
			
			default:
				break;
		}
		return role;
	}
	
}