<?php

namespace App\Http\Controllers\Admin\Roles;

use App\Http\Controllers\Controller;
use App\Http\Requests\Admin\Roles\UpdateRolePermissionsRequest;
use App\Models\Role;
use App\Services\RoleService;

/**
 * Controller for updating role permissions.
 */
class RolePermissionUpdateController extends Controller
{
    /**
     * Handle the toggling of a permission for a role.
     *
     * @param \App\Http\Requests\Admin\Roles\UpdateRolePermissionsRequest $request
     * @param \App\Models\Role $role
     * @param \App\Services\RoleService $roleService
     * @return \Illuminate\Http\JsonResponse|\Illuminate\Http\RedirectResponse
     */
    public function __invoke(UpdateRolePermissionsRequest $request, Role $role, RoleService $roleService)
    {
        $permissionId = (int) $request->permission_id;
        $isActive = $request->has('active');

        if ($roleService->togglePermission($role, $permissionId, $isActive)) {
            $message = $isActive ? 'Permission granted.' : 'Permission revoked.';

            if ($request->wantsJson()) {
                return response()->json([
                    'success' => true,
                    'message' => $message,
                    'role' => $role->load('permissions'),
                ]);
            }

            return redirect()->route('admin.roles.index')->with('status', $message);
        }

        return redirect()->back()->withErrors(['Permissions for protected roles cannot be modified.']);
    }
}