const { decorateWithPermissionCheck, getRequestedFields } = require('./util');
const {
  SEARCH_ASSETS,
  SEARCH_OTHERS_COMMENTS,
  SEARCH_OTHER_USERS,
} = require('../../perms/constants');

const RootQuery = {
  assets(_, { query }, { loaders: { Assets } }) {
    return Assets.getByQuery(query);
  },
  asset(_, query, { loaders: { Assets } }) {
    if (query.id) {
      return Assets.getByID.load(query.id);
    }

    return Assets.getByURL(query.url);
  },
  settings(_, args, { loaders: { Settings } }, info) {
    // Get the fields we want from the settings.
    const fields = getRequestedFields(info);

    // Load only the requested fields.
    return Settings.select(...fields);
  },

  // This endpoint is used for loading moderation queues, so hide it in the
  // event that we aren't an admin.
  async comments(_, { query }, { loaders: { Comments } }) {
    return Comments.getByQuery(query);
  },

  comment(_, { id }, { loaders: { Comments } }) {
    return Comments.get.load(id);
  },

  async commentCount(_, { query }, { loaders: { Comments, Assets } }) {
    const { asset_url, asset_id } = query;
    if (
      (!asset_id || asset_id.length === 0) &&
      asset_url &&
      asset_url.length > 0
    ) {
      let asset = await Assets.findByUrl(asset_url);
      if (asset) {
        query.asset_id = asset.id;
      }
    }

    return Comments.getCountByQuery(query);
  },

  async userCount(_, { query }, { loaders: { Users } }) {
    return Users.getCountByQuery(query);
  },

  // This returns the current user, ensure that if we aren't logged in, we
  // return null.
  me(_, args, { user }) {
    if (user == null) {
      return null;
    }

    return user;
  },

  // this returns an arbitrary user
  user(_, { id }, { loaders: { Users } }) {
    return Users.getByID.load(id);
  },

  // This endpoint is used for loading the user moderation queues (users whose username has been flagged),
  // so hide it in the event that we aren't an admin.
  users(_, { query }, { loaders: { Users } }) {
    return Users.getByQuery(query);
  },
};

// Protect some query fields that are privileged.
decorateWithPermissionCheck(RootQuery, {
  assets: [SEARCH_ASSETS],
  users: [SEARCH_OTHER_USERS],
  userCount: [SEARCH_OTHER_USERS],
  commentCount: [SEARCH_OTHERS_COMMENTS],
});

// Protect the user field so only users who have permission to look up another
// user may do so as well as a user looking up themselves.
decorateWithPermissionCheck(
  RootQuery,
  {
    user: [SEARCH_OTHER_USERS],
  },
  (obj, { id }, { user }) => {
    if (user && user.id === id) {
      return true;
    }

    // We don't return false because we want to fallthrough to the permission
    // check if the custom check fails.
  }
);

module.exports = RootQuery;