const UserError = require('vn-loopback/util/user-error');

module.exports = Self => {
    Self.remoteMethodCtx('updateTimeEntry', {
        description: 'Updates a time entry for a worker if the user role is above the worker',
        accessType: 'READ',
        accepts: [{
            arg: 'id',
            type: 'number',
            required: true,
            description: 'The time entry id',
            http: {source: 'path'}
        },
        {
            arg: 'direction',
            type: 'string',
            required: true
        }],
        returns: {
            type: 'boolean',
            root: true
        },
        http: {
            path: `/:id/updateTimeEntry`,
            verb: 'POST'
        }
    });

    Self.updateTimeEntry = async(ctx, id, options) => {
        const currentUserId = ctx.req.accessToken.userId;
        const models = Self.app.models;
        const args = ctx.args;

        const myOptions = {};

        if (typeof options == 'object')
            Object.assign(myOptions, options);

        const targetTimeEntry = await Self.findById(id, null, myOptions);
        const isSubordinate = await models.Worker.isSubordinate(ctx, targetTimeEntry.userFk, myOptions);
        const isTeamBoss = await models.Account.hasRole(currentUserId, 'teamBoss', myOptions);
        const isHimself = currentUserId == targetTimeEntry.userFk;

        const notAllowed = isSubordinate === false || (isSubordinate && isHimself && !isTeamBoss);

        if (notAllowed)
            throw new UserError(`You don't have enough privileges`);

        return targetTimeEntry.updateAttributes({
            direction: args.direction
        }, myOptions);
    };
};