defmodule PolicyServiceWeb.Router do
  use PolicyServiceWeb, :router

  alias PolicyServiceWeb.PolicyController
  alias PolicyServiceWeb.HealthController

  pipeline :api do
    plug OpenApiSpex.Plug.PutApiSpec, module: PolicyServiceWeb.ApiSpec
  end

  pipeline :authenticated do
    plug PolicyServiceWeb.Plugs.AuthenticationPlug,
      provider: PolicyService.ZitadelProvider
  end

  pipeline :authorized do
    plug PolicyServiceWeb.Plugs.AuthorizationPlug
  end

  get "/health", HealthController, :health
  get "/health/ready", HealthController, :ready

  scope "/api" do
    pipe_through [:api]

    get "/openapi", OpenApiSpex.Plug.RenderSpec, []

    scope "/v1" do
      pipe_through [:authenticated, :authorized]

      get "/policies", PolicyController, :index, required_permission: "policy:read"
      get "/policies/:application_id", PolicyController, :show, required_permission: "policy:read"
      post "/policies", PolicyController, :create, required_permission: "policy:create_request"

      post "/policies/:application_id/accept", PolicyController, :accept,
        required_permission: "policy:submit_solicitation"
    end
  end

  scope "/swaggerui" do
    get "/", OpenApiSpex.Plug.SwaggerUI, path: "/api/openapi"
  end
end