const UserError = require('vn-loopback/util/user-error');

module.exports = Self => {
    Self.remoteMethodCtx('changeState', {
        description: 'Change the state of a ticket',
        accessType: 'WRITE',
        accepts: [
            {
                arg: 'data',
                description: 'Model instance data',
                type: 'Object',
                required: true,
                http: {source: 'body'}
            }
        ],
        returns: {
            type: 'string',
            root: true
        },
        http: {
            path: `/changeState`,
            verb: 'POST'
        }
    });

    Self.changeState = async(ctx, data) => {
        let userId = ctx.req.accessToken.userId;
        let models = Self.app.models;

        let isEditable = await models.Ticket.isEditable(data.ticketFk);
        let assignedState = await models.State.findOne({where: {code: 'PICKER_DESIGNED'}});
        let isAssigned = assignedState.id === data.stateFk;

        let isProduction = await models.Account.hasRole(userId, 'production');
        let isSalesPerson = await models.Account.hasRole(userId, 'salesPerson');
        let isAllowed = isProduction || isSalesPerson && isEditable && isAssigned;

        if (!isAllowed)
            throw new UserError(`You don't have enough privileges`, 'ACCESS_DENIED');

        if (!isAssigned) {
            let worker = await models.Worker.findOne({where: {userFk: userId}});
            data.workerFk = worker.id;
        }

        return await models.TicketTracking.create(data);
    };
};