package de.hsadmin.mods.db;

import java.util.List;

import javax.persistence.EntityManager;
import javax.persistence.Query;

import de.hsadmin.core.model.AbstractEntity;
import de.hsadmin.core.model.AbstractModuleImpl;
import de.hsadmin.core.model.AuthorisationException;
import de.hsadmin.core.model.HSAdminException;
import de.hsadmin.mods.pac.Pac;

public class PgSqlUserModuleImpl extends AbstractModuleImpl {

	@Override
	public AbstractEntity add(AbstractEntity newEntity) throws HSAdminException {
		PgSqlUser user = (PgSqlUser) newEntity;
		String name = user.getName();
		if (name.length() < 7 || name.charAt(5) != '_') {
			throw new AuthorisationException(getLoginUser(), "add", newEntity);
		}
		EntityManager em = getTransaction().getEntityManager();
		Query qPac = em.createQuery("SELECT obj FROM Pacs obj WHERE obj.name = :pacName");
		qPac.setParameter("pacName", name.substring(0, 5));
		Object singleResult = qPac.getSingleResult();
		Pac pac = (Pac) singleResult;
		if (pac == null || !pac.isReadAllowedFor(getLoginUser())) {
			throw new AuthorisationException(getLoginUser(), "add", newEntity);
		}
		return super.add(newEntity);
	}

	@Override
	public List<AbstractEntity> search(Class<? extends AbstractEntity> entityClass,
			String condition, String orderBy) throws HSAdminException {
		if (orderBy == null || orderBy.length() == 0) {
			orderBy = "ORDER BY obj.name ASC";
		}
		return super.search(entityClass, condition, orderBy);
	}
	
}