<?php

namespace KTXC;

use KTXC\Models\Identity\User;

class SessionIdentity
{
    private bool $identityLock = false;
    private ?User $identityData = null;

    public function initialize(User $identity, bool $lock = true): void
    {
        if ($this->identityLock) {
            throw new \RuntimeException('Identity is already locked and cannot be changed.');
        }

        $this->identityData = $identity;
        $this->identityLock = $lock;
    }

    public function identity(): ?User
    {
        return $this->identityData;
    }

    public function identifier(): ?string
    {
        return $this->identityData?->getId();
    }

    public function label(): ?string
    {
        return $this->identityData?->getLabel();
    }

    public function mailAddress(): ?string
    {
        return $this->identityData?->getEmail();
    }

    public function nameFirst(): ?string
    {
        return $this->identityData?->getFirstName();
    }
    
    public function nameLast(): ?string
    {
        return $this->identityData?->getLastName();
    }

    public function permissions(): array
    {
        $permissions = $this->identityData?->getPermissions() ?? [];
        $permissions[] = 'ROLE_USER';
        return array_unique($permissions);
    }

    public function hasPermission(string $permission): bool
    {
        return in_array($permission, $this->permissions());
    }

}