"""Views relating to `System` resource(s)."""
import logging
from dataclasses import asdict
from flask import request, jsonify, Blueprint, current_app as app

from gn_libs import sqlite3 as authdb

from gn_auth.auth.authorisation.roles.models import db_rows_to_roles
from gn_auth.auth.authentication.oauth2.resource_server import require_oauth

from .models import user_roles_on_system

logger = logging.getLogger(__name__)
system = Blueprint("system", __name__)


@system.route("/roles")
def system_roles():
    """Get the roles that a user has that act on the system."""
    with (authdb.connection(app.config["AUTH_DB"]) as conn,
          authdb.cursor(conn) as cursor):
        if not bool(request.headers.get("Authorization", False)):
            cursor.execute(
                "SELECT r.*, p.* FROM roles AS r "
                "INNER JOIN role_privileges AS rp ON r.role_id=rp.role_id "
                "INNER JOIN privileges AS p ON rp.privilege_id=p.privilege_id "
                "WHERE r.role_name='public-view'")
            return jsonify(tuple(
                asdict(role) for role in db_rows_to_roles(cursor.fetchall())))

        with require_oauth.acquire("profile group") as the_token:
            return jsonify(tuple(
                asdict(role) for role in
                user_roles_on_system(conn, the_token.user)))