package com.qmth.ops.api.security;

import com.qmth.boot.core.security.annotation.AuthorizationComponent;
import com.qmth.boot.core.security.service.AuthorizationService;
import com.qmth.boot.tools.signature.SignatureType;
import com.qmth.ops.api.constants.OpsApiConstants;
import com.qmth.ops.biz.domain.User;
import com.qmth.ops.biz.service.UserService;

import javax.annotation.Resource;

@AuthorizationComponent(prefix = OpsApiConstants.ADMIN_URI_PREFIX, type = SignatureType.TOKEN)
public class AdminAuthorizationService implements AuthorizationService<AdminSession>, OpsApiConstants {

    @Resource
    private UserService userService;

    @Override
    public AdminSession findByIdentity(String identity, SignatureType signatureType, String path) {
        User user = userService.getById(Long.parseLong(identity));
        if (user != null) {
            return new AdminSession(user);
        }
        return null;
    }

    @Override
    public boolean hasPermission(AdminSession session, String path) {
        return true;
    }
}