'use strict'
/** @typedef {import('@adonisjs/framework/src/Request')} Request */
/** @typedef {import('@adonisjs/framework/src/Response')} Response */
/** @typedef {import('@adonisjs/framework/src/View')} View */

class BookCallPageAuth {
  /**
   * @param {object} ctx
   * @param {Request} ctx.request
   * @param {Function} next
   */
  async handle(ctx, next) {
    const {request, auth, response, book, call} = ctx;
    // call next to advance the request
    const user = auth.user;
    if (book.user_id) {
      // Belongs to a user. Check if the book user has a connection with this
      // user
      if (book.user_id === user.id) {
        await next();
      } else if (call.parent_id === user.id || call.guest_id === user.id) {
        await next();
      } else {
        response.status(403);
        response.send({code: 403, message: 'Book is private'});
      }
    } else {
      await next();
    }
  }
}

module.exports = BookCallPageAuth