/*
 *  Copyright 2025 Anyware Services
 *
 *  Licensed under the Apache License, Version 2.0 (the "License");
 *  you may not use this file except in compliance with the License.
 *  You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 */
package org.ametys.core.right;

import java.util.Map;
import java.util.Set;

import org.ametys.core.group.GroupIdentity;
import org.ametys.core.user.UserIdentity;

/**
 * An access controller based on profile
 */
public interface ProfileBasedAccessController extends AccessController
{
    /**
     * Get an access explanation for every context handled by this controller where the given profile
     * is used to grant a permission to an anonymous user
     * @param profileId the profile id
     * @param workspacesContexts The contexts to tests such as {"/${WorkspaceName}", "/repository", "/admin"}
     * @return a map of the objects with its explanation
     */
    public Map<ExplanationObject, AccessExplanation> explainAllProfileUsesForAnonymousOnWorkspaces(String profileId, Set<Object> workspacesContexts);
    
    /**
     * Get an access explanation for every context handled by this controller where the given profile
     * is used to grant a permission to any connected user
     * @param profileId the profile id
     * @param workspacesContexts The contexts to tests such as {"/${WorkspaceName}", "/repository", "/admin"}
     * @return a map of the object with its explanation
     */
    public Map<ExplanationObject, AccessExplanation> explainAllProfileUsesForAnyConnectedOnWorkspaces(String profileId, Set<Object> workspacesContexts);
    
    /**
     * Get an access explanation for every context handled by this controller where the given profile
     * is used to grant a permission to a group
     * @param profileId the profile id
     * @param workspacesContexts The contexts to tests such as {"/${WorkspaceName}", "/repository", "/admin"}
     * @return a map of the object with its explanation for each group
     */
    public Map<ExplanationObject, Map<GroupIdentity, AccessExplanation>> explainAllProfileUsesOnWorkspacesByGroups(String profileId, Set<Object> workspacesContexts);
    
    /**
     * Get an access explanation for every context handled by this controller where the given profile
     * is used to grant a permission to a user
     * @param profileId the profile id
     * @param workspacesContexts The contexts to tests such as {"/${WorkspaceName}", "/repository", "/admin"}
     * @return a map of the object with its explanation for each user
     */
    public Map<ExplanationObject, Map<UserIdentity, AccessExplanation>> explainAllProfileUsesOnWorkspacesByUser(String profileId, Set<Object> workspacesContexts);
}