"""Dependencies for report generation routes

Provides permission checks for report-related operations.
"""
from fastapi import Depends, HTTPException, status
from sqlalchemy.orm import Session

from app.core.database import get_db
from app.modules.auth import get_current_user
from app.modules.chat_room.services.membership_service import membership_service
from app.modules.chat_room.models import IncidentRoom


def require_room_member(room_id: str, db: Session = Depends(get_db), current_user: dict = Depends(get_current_user)):
    """Verify user is a member of the room

    Args:
        room_id: Room ID to check membership for
        db: Database session
        current_user: Current authenticated user

    Returns:
        dict with room_id and user_email

    Raises:
        HTTPException 404: If room not found
        HTTPException 403: If user is not a member
    """
    user_email = current_user["username"]

    # Check if room exists
    room = db.query(IncidentRoom).filter(IncidentRoom.room_id == room_id).first()
    if not room:
        raise HTTPException(
            status_code=status.HTTP_404_NOT_FOUND,
            detail="Room not found"
        )

    # Check if user is a member (or admin)
    is_admin = membership_service.is_system_admin(user_email)
    if not is_admin:
        role = membership_service.get_user_role_in_room(db, room_id, user_email)
        if not role:
            raise HTTPException(
                status_code=status.HTTP_403_FORBIDDEN,
                detail="You are not a member of this room"
            )

    return {
        "room_id": room_id,
        "user_email": user_email,
        "room": room,
    }