<?php

namespace App\Filament\Resources\EntraGroupResource\Pages;

use App\Filament\Resources\EntraGroupResource;
use App\Models\EntraGroup;
use App\Models\Tenant;
use App\Models\User;
use Filament\Facades\Filament;
use Filament\Resources\Pages\ViewRecord;
use Illuminate\Database\Eloquent\Model;

class ViewEntraGroup extends ViewRecord
{
    protected static string $resource = EntraGroupResource::class;

    protected function resolveRecord(int|string $key): Model
    {
        return EntraGroupResource::resolveScopedRecordOrFail($key);
    }

    protected function authorizeAccess(): void
    {
        $tenant = EntraGroupResource::panelTenantContext();
        $record = $this->getRecord();
        $user = auth()->user();

        if (
            Filament::getCurrentPanel()?->getId() === 'admin'
            && ! $tenant instanceof Tenant
        ) {
            abort(404);
        }

        if (! $user instanceof User || ! $tenant instanceof Tenant || ! $record instanceof EntraGroup) {
            abort(404);
        }

        if ((int) $record->tenant_id !== (int) $tenant->getKey()) {
            abort(404);
        }

        if (! $user->canAccessTenant($tenant)) {
            abort(404);
        }

        if (! $user->can('view', $record)) {
            abort(403);
        }
    }
}