/**
 * Panel roles for admin / support staff.
 * Backend should return one of these on the authenticated user object.
 */
export const AdminRole = {
  SUPER_ADMIN: "SUPER_ADMIN",
  ADMIN: "ADMIN",
  CUSTOMER_SUPPORT: "CUSTOMER_SUPPORT",
} as const

export type AdminRoleValue = (typeof AdminRole)[keyof typeof AdminRole]

const PANEL_ROLES = new Set<string>([
  AdminRole.SUPER_ADMIN,
  AdminRole.ADMIN,
  AdminRole.CUSTOMER_SUPPORT,
])

export function hasPanelAccess(role: string | undefined): boolean {
  if (!role) return false
  return PANEL_ROLES.has(role)
}

/** Full control (all menus + destructive actions) */
export function isSuperAdmin(role: string | undefined): boolean {
  return role === AdminRole.SUPER_ADMIN
}

/** Can create/edit content (not read-only support) */
export function canEdit(role: string | undefined): boolean {
  return role === AdminRole.SUPER_ADMIN || role === AdminRole.ADMIN
}

/** Internal system users / members management */
export function canAccessSystemMembers(role: string | undefined): boolean {
  return role === AdminRole.SUPER_ADMIN || role === AdminRole.ADMIN
}

/** Push / SMS / email broadcast composer */
export function canSendBroadcast(role: string | undefined): boolean {
  return role === AdminRole.SUPER_ADMIN || role === AdminRole.ADMIN
}

export function roleLabel(role: string | undefined): string {
  switch (role) {
    case AdminRole.SUPER_ADMIN:
      return "System Admin"
    case AdminRole.ADMIN:
      return "Admin"
    case AdminRole.CUSTOMER_SUPPORT:
      return "Customer Support"
    default:
      return role ?? "User"
  }
}