package ape

import (
	"errors"

	checkercore "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/common/ape"
	apistatus "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client/status"
)

var (
	errMissingContainerID      = malformedRequestError("missing container ID")
	errEmptyVerificationHeader = malformedRequestError("empty verification header")
	errEmptyBodySig            = malformedRequestError("empty at body signature")
	errInvalidSessionSig       = malformedRequestError("invalid session token signature")
	errInvalidSessionOwner     = malformedRequestError("invalid session token owner")
	errInvalidVerb             = malformedRequestError("session token verb is invalid")
)

func malformedRequestError(reason string) error {
	invalidArgErr := &apistatus.InvalidArgument{}
	invalidArgErr.SetMessage(reason)
	return invalidArgErr
}

func toStatusErr(err error) error {
	var chRouterErr *checkercore.ChainRouterError
	if !errors.As(err, &chRouterErr) {
		errServerInternal := &apistatus.ServerInternal{}
		apistatus.WriteInternalServerErr(errServerInternal, err)
		return errServerInternal
	}
	errAccessDenied := &apistatus.ObjectAccessDenied{}
	errAccessDenied.WriteReason("ape denied request: " + err.Error())
	return errAccessDenied
}