lib/cap/abac.ex

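defmodule Cap.Abac do
  @moduledoc """
  Attribute-Based Access Control (ABAC) ownership check.

  The check is opt-in per plug module: a module takes part by exporting
  `abac/1`, which receives the `"id"` path parameter and returns an id that is
  compared with `resource.id`.

  Two paths allow the request without any comparison, so they deserve attention
  when reviewing a controller:

    * the action (`req.plug_opts`) is not one of `:show`, `:edit`, `:update`,
      `:delete`;
    * the plug module exports no function named `abac`.
  """

  # Actions for which the ownership comparison is performed.
  @owner_checked_actions [:show, :edit, :update, :delete]

  @doc """
  Checks whether `resource` may access the record addressed by `req`.

  `req` must expose `:plug_opts` (the action), `:plug` (the handling module) and
  `:path_params` (a map with an `"id"` key); `resource` must expose `:id`.
  Presumably `req` is router route information - confirm against the caller.

  Returns `true` or `false`. Raises `MatchError` when an owner-checked action
  has no `"id"` path parameter.

  ## Example

      apply_abac(req, resource)

  """
  @spec apply_abac(map(), map()) :: boolean()
  def apply_abac(req, resource) do
    if req.plug_opts in @owner_checked_actions do
      check_abac(req, resource)
    else
      true
    end
  end

  # Runs the module's `abac/1` callback, when it has one, and compares the
  # returned id with `resource.id`.
  defp check_abac(req, resource) do
    module = req.plug

    # `__info__/1` is kept (rather than `function_exported?/3`) because it loads
    # the module; an unloaded module must not be mistaken for "no abac callback",
    # which would allow the request.
    if Keyword.has_key?(module.__info__(:functions), :abac) do
      %{"id" => id} = req.path_params
      owner_id = module.abac(id)
      same_id?(owner_id, resource.id)
    else
      true
    end
  end

  # A missing id on either side never authorizes: without this, a `nil` returned
  # by `abac/1` (e.g. record not found) would equal a `nil` `resource.id`.
  defp same_id?(nil, _subject_id), do: false
  defp same_id?(_owner_id, nil), do: false

  # Both sides are normalized so that an integer id matches its string form and
  # two equal integers match each other; previously only the callback's value
  # was converted, so an integer `resource.id` could never match.
  defp same_id?(owner_id, subject_id) do
    value_to_string(owner_id) == value_to_string(subject_id)
  end

  # Integers become their decimal string; every other value is left untouched.
  defp value_to_string(value) when is_integer(value), do: Integer.to_string(value)
  defp value_to_string(value), do: value
end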