import type { Guest } from "@scandic-hotels/trpc/routers/booking/output"

import type { SafeUser } from "@/types/user"
import type { AdditionalInfoCookieValue } from "../FindMyBooking/AdditionalInfoForm"

export {
  ACCESS_GRANTED,
  accessBooking as default,
  ERROR_BAD_REQUEST,
  ERROR_FORBIDDEN,
  ERROR_NOT_FOUND,
  ERROR_UNAUTHORIZED,
}

/**
 * Whether a request can access a confirmed booking or not.
 */
function accessBooking(
  guest: Guest,
  lastName: string,
  user: SafeUser | null,
  cookie: string = ""
) {
  if (guest.membershipNumber) {
    if (user) {
      if (
        user.membershipNumber === guest.membershipNumber &&
        user.lastName.toLowerCase() === lastName.toLowerCase() &&
        lastName.toLowerCase() === guest.lastName?.toLowerCase()
      ) {
        return ACCESS_GRANTED
      }
    }

    return ERROR_UNAUTHORIZED
  }

  if (guest.lastName?.toLowerCase() === lastName.toLowerCase()) {
    if (user) {
      if (
        user.firstName.toLowerCase() === guest.firstName?.toLowerCase() &&
        user.email.toLowerCase() === guest.email?.toLowerCase()
      ) {
        return ACCESS_GRANTED
      }
    }

    const values =
      cookie && (JSON.parse(cookie) as Partial<AdditionalInfoCookieValue>)
    if (
      values &&
      values.firstName?.toLowerCase() === guest.firstName?.toLowerCase() &&
      values.email?.toLowerCase() === guest.email?.toLowerCase()
    ) {
      return ACCESS_GRANTED
    } else {
      return ERROR_BAD_REQUEST
    }
  }

  return ERROR_NOT_FOUND
}

const ERROR_BAD_REQUEST = {
  code: "BAD_REQUEST",
  status: 400,
} as const

const ERROR_UNAUTHORIZED = {
  code: "UNAUTHORIZED",
  status: 401,
} as const

const ERROR_FORBIDDEN = {
  code: "FORBIDDEN",
  status: 403,
} as const

const ERROR_NOT_FOUND = {
  code: "NOT_FOUND",
  status: 404,
} as const

const ACCESS_GRANTED = {
  code: "ACCESS_GRANTED",
  status: 200,
} as const