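package policyengine

import "sync/atomic"

// inmemory keeps chains in plain maps keyed by chain name.
// Nothing in this file guards the maps with a lock, so concurrent
// Add* and IsAllowed calls need external synchronization.
type inmemory struct {
	chainCounter atomic.Uint32

	namespace map[Name][]chain
	resource  map[Name][]chain
	local     map[Name][]*Chain
}

// chain binds a rule chain to the object (namespace or resource name)
// it was registered for; object is compared with globMatch on lookup.
type chain struct {
	object string
	chain  *Chain
}

// NewInMemory returns new inmemory instance of chain storage.
func NewInMemory() CachedChainStorage {
	return &inmemory{
		namespace: make(map[Name][]chain),
		resource:  make(map[Name][]chain),
		local:     make(map[Name][]*Chain),
	}
}

// TODO parameters for actor (IP)
// TODO
//
// IsAllowed evaluates the request in a fixed order:
//  1. local overrides: the first matched non-Allow status is returned;
//     a matched Allow is not recorded and evaluation continues;
//  2. namespace chains: a matched non-Allow status is returned,
//     a matched Allow is remembered;
//  3. resource chains: any matched status is returned as is.
//
// If only a namespace chain matched (with Allow), the result is Allow.
// Otherwise NoRuleFound and false are returned.
func (s *inmemory) IsAllowed(name Name, namespace string, r Request) (Status, bool) {
	var ruleFound bool
	if local, ok := s.local[name]; ok {
		for _, c := range local {
			if status, matched := c.Match(r); matched && status != Allow {
				return status, true
			}
		}
	}

	if cs, ok := s.namespace[name]; ok {
		status, ok := matchArray(cs, namespace, r)
		if ok && status != Allow {
			return status, true
		}
		ruleFound = ruleFound || ok
	}

	if cs, ok := s.resource[name]; ok {
		status, ok := matchArray(cs, r.Resource().Name(), r)
		if ok {
			return status, true
		}
		ruleFound = ruleFound || ok
	}

	if ruleFound {
		return Allow, true
	}
	return NoRuleFound, false
}

// matchArray returns the status of the first chain in cs whose object
// passes globMatch against the given object and whose rules match r.
func matchArray(cs []chain, object string, r Request) (Status, bool) {
	for _, c := range cs {
		if !globMatch(object, c.object) {
			continue
		}
		if status, matched := c.chain.Match(r); matched {
			return status, true
		}
	}
	return NoRuleFound, false
}

// AddResourceChain registers c under name for the given resource.
func (s *inmemory) AddResourceChain(name Name, resource string, c *Chain) {
	s.resource[name] = append(s.resource[name], chain{resource, c})
}

// AddNameSpaceChain registers c under name for the given namespace.
func (s *inmemory) AddNameSpaceChain(name Name, namespace string, c *Chain) {
	s.namespace[name] = append(s.namespace[name], chain{namespace, c})
}

// AddOverride registers c as a local override under name; overrides are
// checked before namespace and resource chains in IsAllowed.
func (s *inmemory) AddOverride(name Name, c *Chain) {
	s.local[name] = append(s.local[name], c)
}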