const errors = require('../../errors');
const TokensService = require('../../services/tokens');
const {
  CREATE_TOKEN,
  REVOKE_TOKEN
} = require('../../perms/constants');

// Creates a new token for a user.
const createToken = async ({user}, {name}) => {
  let {pat, jwt} = await TokensService.create(user.id, name);

  // Attach the token to the PAT.
  pat.jwt = jwt;

  // Return that PAT!
  return pat;
};

// Revokes the token from the user.
const revokeToken = async ({user}, {id}) => {
  return TokensService.revoke(user.id, id);
};

module.exports = (context) => {
  let mutators = {
    Token: {
      create: () => Promise.reject(errors.ErrNotAuthorized),
      revoke: () => Promise.reject(errors.ErrNotAuthorized)
    }
  };

  if (context.user && context.user.can(CREATE_TOKEN)) {
    mutators.Token.create = (input) => createToken(context, input);
  }

  if (context.user && context.user.can(REVOKE_TOKEN)) {
    mutators.Token.revoke = (input) => revokeToken(context, input);
  }

  return mutators;
};