use erp_core::error::AppError;
use erp_core::types::TenantContext;
use sea_orm::{ColumnTrait, EntityTrait, QueryFilter};

use crate::entity::consent::{Column, Entity as ConsentEntity};
use uuid::Uuid;

/// Roles that skip the consent check (clinical and administrative staff).
///
/// Matching is by exact string equality against the caller's roles, and holding any one
/// of these roles is enough to bypass the gate, so every entry widens access to patient data.
const BYPASS_ROLES: &[&str] = &["admin", "doctor", "nurse", "health_manager"];

/// Checks that the patient has an active informed-consent record (`status = "granted"`).
///
/// Called at the handler layer to gate reads of patient data on consent.
///
/// Returns `Ok(())` when the caller holds a role listed in [`BYPASS_ROLES`], or when a
/// consent row exists for this tenant and patient with status `"granted"` and a null
/// `deleted_at`. The query filters on those four columns only.
///
/// # Errors
///
/// * [`AppError::Forbidden`] when no matching consent row is found.
/// * [`AppError::Internal`], carrying the database error text, when the query fails.
pub async fn check_consent_active(
    db: &sea_orm::DatabaseConnection,
    tenant_id: Uuid,
    patient_id: Uuid,
    ctx: &TenantContext,
) -> Result<(), AppError> {
    // Clinical and administrative roles are exempt; no query is issued for them.
    // NOTE(review): the bypass leaves no trace in this function; confirm that access
    // by these roles is audited elsewhere.
    let is_exempt = ctx
        .roles
        .iter()
        .any(|role| BYPASS_ROLES.contains(&role.as_str()));
    if is_exempt {
        return Ok(());
    }

    // NOTE(review): `tenant_id` is taken from the argument rather than from `ctx`;
    // verify that callers pass the authenticated tenant.
    let lookup = ConsentEntity::find()
        .filter(Column::TenantId.eq(tenant_id))
        .filter(Column::PatientId.eq(patient_id))
        .filter(Column::Status.eq("granted"))
        .filter(Column::DeletedAt.is_null())
        .one(db)
        .await;

    match lookup {
        // Any surviving row counts as consent; its contents are not inspected.
        Ok(Some(_)) => Ok(()),
        // Fail closed: no granted, non-deleted consent row means no access.
        Ok(None) => Err(AppError::Forbidden(
            "患者未签署知情同意书,无法访问数据".to_string(),
        )),
        // NOTE(review): the raw database error text is carried in the error value;
        // confirm `AppError::Internal` is not rendered verbatim to clients.
        Err(db_err) => Err(AppError::Internal(db_err.to_string())),
    }
}