<?php

declare(strict_types=1);

namespace App\Policies;

use App\Enums\Artist\ArtistEngagementStatus;
use App\Models\Artist;
use App\Models\Organisation;
use App\Models\User;

/**
 * Authorization model — role-based per existing codebase pattern.
 *
 * RFC v0.2 §9 permission mapping (deferred to AUTH-PERMISSIONS-MIGRATION
 * when fine-grained permissions are operationally required):
 *   organisations.manage_artists — program_manager, org_admin, super_admin
 *   (read-only access — any authenticated organisation member)
 */
final class ArtistPolicy
{
    public function viewAny(User $user, Organisation $organisation): bool
    {
        return $user->hasRole('super_admin')
            || $organisation->users()->where('user_id', $user->id)->exists();
    }

    public function view(User $user, Artist $artist): bool
    {
        return $user->hasRole('super_admin')
            || $artist->organisation->users()->where('user_id', $user->id)->exists();
    }

    public function create(User $user, Organisation $organisation): bool
    {
        return $this->canManageArtists($user, $organisation);
    }

    public function update(User $user, Artist $artist): bool
    {
        return $this->canManageArtists($user, $artist->organisation);
    }

    /**
     * Soft-delete is blocked while the artist still has any non-terminal
     * engagement (D27 — soft-delete preserves historical engagements but
     * the master must not vanish underneath an active booking).
     */
    public function delete(User $user, Artist $artist): bool
    {
        if (! $this->canManageArtists($user, $artist->organisation)) {
            return false;
        }

        $hasActive = $artist->engagements()
            ->whereNotIn('booking_status', [
                ArtistEngagementStatus::Cancelled->value,
                ArtistEngagementStatus::Rejected->value,
                ArtistEngagementStatus::Declined->value,
            ])
            ->exists();

        return ! $hasActive;
    }

    public function restore(User $user, Artist $artist): bool
    {
        return $this->canManageArtists($user, $artist->organisation);
    }

    private function canManageArtists(User $user, Organisation $organisation): bool
    {
        if ($user->hasRole('super_admin')) {
            return true;
        }

        return $organisation->users()
            ->where('user_id', $user->id)
            ->wherePivotIn('role', ['org_admin', 'program_manager'])
            ->exists();
    }
}