import { useQuery } from "@tanstack/react-query";
import { fetchMe, fetchTenant } from "../../../lib/adminApi";
import { normalizeAdminRole } from "../../../lib/roles";

export type TenantPermissionKey =
  | "view"
  | "manage"
  | "manage_admins"
  | "view_profile"
  | "manage_profile"
  | "view_permissions"
  | "manage_permissions"
  | "view_organization"
  | "manage_organization"
  | "view_schema"
  | "manage_schema"
  | "view_worksmobile"
  | "manage_worksmobile";

export function useTenantPermission(tenantId: string) {
  const { data: profile } = useQuery({
    queryKey: ["me"],
    queryFn: fetchMe,
  });

  const { data: tenant } = useQuery({
    queryKey: ["tenant", tenantId],
    queryFn: () => fetchTenant(tenantId),
    enabled: !!tenantId,
  });

  const hasPermission = (requiredRelation: TenantPermissionKey): boolean => {
    // Super Admin always has full bypass access
    if (normalizeAdminRole(profile?.role) === "super_admin") {
      return true;
    }
    return !!tenant?.userPermissions?.[requiredRelation];
  };

  return { hasPermission, isLoading: !tenant };
}