module.exports = Self => {
    Self.remoteMethod('acl', {
        description: 'Get the user information and permissions',
        accepts: [
            {
                arg: 'ctx',
                type: 'Object',
                http: {source: 'context'}
            }
        ],
        returns: {
            type: 'Object',
            root: true
        },
        http: {
            path: `/acl`,
            verb: 'GET'
        }
    });

    Self.acl = async function(ctx) {
        let userId = ctx.req.accessToken.userId;
        let models = Self.app.models;

        let user = await models.Account.findById(userId, {
            fields: ['id', 'name', 'nickname', 'email']
        });

        let roles = await models.RoleMapping.find({
            fields: ['roleId'],
            where: {
                principalId: userId,
                principalType: 'USER'
            },
            include: [{
                relation: 'role',
                scope: {
                    fields: ['name']
                }
            }]
        });

        return {roles, user};
    };
};