import fs from 'fs';
import path from 'path';

/**
 * Check if the current user has write access to a table.
 * Reads .acai file from ACAI_PROJECT_DIR.
 * Returns { allowed: true } or { allowed: false, error: "..." }
 */
export function canAccessTable(tableName) {
    const projectDir = process.env.ACAI_PROJECT_DIR || "";
    if (!projectDir) return { allowed: true }; // no project dir, don't block

    const acaiFile = path.join(projectDir, ".acai");
    try {
        if (!fs.existsSync(acaiFile)) return { allowed: true };
        const data = JSON.parse(fs.readFileSync(acaiFile, "utf-8"));
        const user = data.user || {};

        // Admin has full access
        if (user.isAdmin === "1" || user.isAdmin === 1) return { allowed: true };

        const accessList = user.accessList || {};
        if (!accessList || Object.keys(accessList).length === 0) return { allowed: true };

        // all.accessLevel >= 9 means full access
        const allAccess = parseInt(accessList.all?.accessLevel || "0");
        if (allAccess >= 9) return { allowed: true };

        // Check specific table (without cms_ prefix)
        const bare = tableName.replace(/^cms_/, "");
        const entry = accessList[bare];
        if (entry && parseInt(entry.accessLevel || "0") > 0) return { allowed: true };

        return { allowed: false, error: `No tienes acceso a la tabla '${bare}'` };
    } catch (e) {
        return { allowed: true }; // On error, don't block
    }
}