var _ = require('lodash')
var db = require('../db')
var util = require('../util/util')
var upload = require('../util/upload')

var privacy = module.exports = {
  checkIsAdmin: function(req, res, next){
    if (req.user.get('ulevel') !== 3) {
      return res.sendStatus(500)
    }
    next()
  },
  checkUserPrivacy: function(req, res, next) {
    if (req.user.get('username') !== res.user.get('username')) {
      return res.sendStatus(500)
    }
    next()
  },
  checkThreadPrivacy: function(req, res, next) {
    if (res.thread.get('id') !== 1 && ! res.thread.checkPrivacy(req.user)) {
      return res.sendStatus(500)
    }
    next()
  },
  checkCommentPrivacy: function(req, res, next) {
    if (req.user.get('ulevel') !== 3 && req.user.get('username') !== res.comment.get('username')) {
      return res.sendStatus(500)
    }
    next()
  },
  checkFilePrivacy: function(req, res, next) {
    if (req.user.get('ulevel') !== 3 && req.user.get('username') !== res.file.get('username')) {
      return res.sendStatus(500)
    }
    next()
  },
  checkMessagePrivacy: function(req, res, next) {
    var username = req.user.get('username')
    if (username !== res.message.get('sender') && username !== res.message.get('recipient')) {
      return res.sendStatus(500)
    }
    next()
  },
  filterPrivateThreads: function(req, res, next) {
    res.threads = res.threads.filter(thread => {
      return thread.checkPrivacy(req.user)
    })
    next()
  },
}