using Meezi.Core.Authorization;
using Meezi.Core.Enums;

namespace Meezi.Core.Interfaces;

public interface ITenantContext
{
    string? UserId { get; }
    string? CafeId { get; }
    EmployeeRole? Role { get; }
    PlanTier? PlanTier { get; }
    string? Language { get; }
    /// <summary>Active branch from JWT when employee is branch-scoped.</summary>
    string? BranchId { get; }
    bool IsSystemAdmin { get; }
    bool IsAuthenticated { get; }
    bool IsCafeOwner => Role == EmployeeRole.Owner;
    /// <summary>
    /// When non-null the employee has a custom role. These permissions override the static
    /// <see cref="RolePermissions"/> matrix; the base <see cref="Role"/> still governs
    /// café-wide vs. branch-scoped behaviour.
    /// </summary>
    IReadOnlySet<Permission>? CustomPermissions { get; }
}