package httpapp

import (
	"net/http"

	"gitea.avt.data-center.id/othman.suseno/atlas/internal/errors"
)

// maintenanceMiddleware blocks operations during maintenance mode
func (a *App) maintenanceMiddleware(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		// Skip maintenance check for read-only operations and public endpoints
		if r.Method == http.MethodGet || r.Method == http.MethodHead || r.Method == http.MethodOptions {
			next.ServeHTTP(w, r)
			return
		}

		if a.isPublicEndpoint(r.URL.Path) {
			next.ServeHTTP(w, r)
			return
		}

		// Check if maintenance mode is enabled
		if a.maintenanceService != nil && a.maintenanceService.IsEnabled() {
			// Check if user is allowed during maintenance
			user, ok := getUserFromContext(r)
			if !ok || !a.maintenanceService.IsUserAllowed(user.ID) {
				writeError(w, errors.NewAPIError(
					errors.ErrCodeServiceUnavailable,
					"system is in maintenance mode",
					http.StatusServiceUnavailable,
				).WithDetails("the system is currently in maintenance mode and user operations are disabled"))
				return
			}
		}

		next.ServeHTTP(w, r)
	})
}