// Copyright 2019 Yunion
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package mcclient

import (
	"time"

	"yunion.io/x/jsonutils"
	"yunion.io/x/pkg/gotypes"
	"yunion.io/x/pkg/util/rbacscope"
)

type ExternalService struct {
	Name string `json:"name"`
	Url  string `json:"url"`

	Service string `json:"service"`
}

type Endpoint struct {
	Id          string `json:"id"`
	RegionId    string `json:"region_id"`
	ServiceId   string `json:"service_id"`
	ServiceName string `json:"service_name"`
	Url         string `json:"url"`
	Interface   string `json:"interface"`
}

func OwnerIdString(owner IIdentityProvider, scope rbacscope.TRbacScope) string {
	switch scope {
	case rbacscope.ScopeDomain:
		return owner.GetProjectDomainId()
	case rbacscope.ScopeProject:
		return owner.GetProjectId()
	case rbacscope.ScopeUser:
		return owner.GetUserId()
	default:
		return ""
	}
}

// interface for owner
type IIdentityProvider interface {
	GetProjectId() string
	GetUserId() string
	GetTenantId() string
	GetProjectDomainId() string

	GetTenantName() string
	GetProjectName() string
	GetProjectDomain() string

	GetUserName() string
	GetDomainId() string
	GetDomainName() string
}

// interface for identity of user with project and roles
type IUserIdentity interface {
	IIdentityProvider

	GetRoleIds() []string
	GetRoles() []string
}

// interface for full keystone token
type TokenCredential interface {
	gotypes.ISerializable

	IServiceCatalog

	IUserIdentity

	GetTokenString() string
	GetRoles() []string
	// GetRoleIds() []string
	GetExpires() time.Time
	IsValid() bool
	ValidDuration() time.Duration
	// IsAdmin() bool
	HasSystemAdminPrivilege() bool

	// IsAllow(scope rbacscope.TRbacScope, service string, resource string, action string, extra ...string) rbacutils.SPolicyResult

	GetRegions() []string

	GetServiceCatalog() IServiceCatalog
	GetCatalogData(serviceTypes []string, region string) jsonutils.JSONObject

	GetEndpoints(region string, endpointType string) []Endpoint

	ToJson() jsonutils.JSONObject

	GetLoginSource() string
	GetLoginIp() string
	IsSystemAccount() bool
}