using Microsoft.AspNetCore.Mvc;
using DevExpress.ExpressApp.Security;
using DevExpress.Persistent.BaseImpl.PermissionPolicy;
using DevExpress.ExpressApp;
using DevExpress.ExpressApp.SystemModule;
using DevExpress.Persistent.Base;
using DevExpress.ExpressApp.WebApi;
using System.Linq;
using DevExpress.ExpressApp.Core;
using DurnyklyYol.Module.BusinessObjects;
using Microsoft.AspNetCore.Authorization;
using DevExpress.ExpressApp.WebApi.Services;

namespace DurnyklyYol.Blazor.Server.Controllers
{
    [ApiController]
    [Route("api/[controller]")]
    [Authorize]
    public class ClientController : Microsoft.AspNetCore.Mvc.ControllerBase
    {
        private readonly IDataService dataService;
        private readonly ISecurityProvider securityProvider;

        public ClientController(IDataService dataService, ISecurityProvider securityProvider)
        {
            this.dataService = dataService;
            this.securityProvider = securityProvider;
        }

        [HttpGet(nameof(GetClient))]
        [Authorize]
        public IActionResult GetClient()
        {
            var objectSpace = dataService.GetObjectSpace<Client>();
            var userID = (Guid)securityProvider.GetSecurity().UserId;
            var clients = objectSpace.GetObjectsQuery<Client>()
                .Select(sl => new { Fulname = sl.FullName, Oid = sl.Oid, PhoneNo = sl.Telefon})
                .First(cl => cl.Oid == userID);


            return Ok(clients);
        }
    }
}