import functools

import jingrow
from jingrow.model.document import Page

from jcloude.utils import get_current_team

from .actions import ACTIONS_RULES
from .support_access import has_support_access


def action_guard(action: str):
	"""
	Decorator to guard actions based on team permissions and access rules. This
	decorator should only be used with instance methods of classes that inherit
	from jingrow.Page. It validates permissions before allowing the
	decorated method to execute.
	"""

	def throw_err():
		msg = "You do not have permission to perform this action"
		jingrow.throw(msg, jingrow.PermissionError)

	def decorator(fn):
		@functools.wraps(fn)
		def wrapper(instance: Page, *args, **kwargs):
			if jingrow.local.system_user():
				return fn(instance, *args, **kwargs)

			current_team = get_current_team()
			instance_team = getattr(instance, "team", None)

			if instance_team and instance_team == current_team:
				return fn(instance, *args, **kwargs)

			if has_support_access(instance.pagetype, instance.name, action):
				return fn(instance, *args, **kwargs)

			pagetype_rules = ACTIONS_RULES.get(instance.pagetype, {})
			action_allowed = pagetype_rules.get(action, True)
			if not action_allowed:
				throw_err()

			return fn(instance, *args, **kwargs)

		return wrapper

	return decorator