package upload

import (
	"net/http"

	"gitlab.com/gitlab-org/gitlab/workhorse/internal/api"
)

// Multipart is a request middleware. If the request has a MIME multipart
// request body, the middleware will iterate through the multipart parts.
// When it finds a file part (filename != ""), the middleware will save
// the file contents to a temporary location and replace the file part
// with a reference to the temporary location.
func Multipart(rails PreAuthorizer, h http.Handler, p Preparer) http.Handler {
	return rails.PreAuthorizeHandler(func(w http.ResponseWriter, r *http.Request, a *api.Response) {
		s := &SavedFileTracker{Request: r}

		interceptMultipartFiles(w, r, h, s, &eagerAuthorizer{a}, p)
	}, "/authorize")
}

// SkipRailsPreAuthMultipart behaves like Multipart except it does not
// pre-authorize with Rails. It is intended for use on catch-all routes
// where we cannot pre-authorize both because we don't know which Rails
// endpoint to call, and because eagerly pre-authorizing would add too
// much overhead.
func SkipRailsPreAuthMultipart(tempPath string, myAPI *api.API, h http.Handler, p Preparer) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		s := &SavedFileTracker{Request: r}

		// We use testAuthorizer as a temporary measure. When
		// https://gitlab.com/groups/gitlab-com/gl-infra/-/epics/742 is done, we
		// should only be using apiAuthorizer.
		fa := &testAuthorizer{
			test:   &apiAuthorizer{myAPI},
			actual: &eagerAuthorizer{&api.Response{TempPath: tempPath}},
		}

		interceptMultipartFiles(w, r, h, s, fa, p)
	})
}