package service

import (
	"context"
	"sort"
)

// AuthCacheInvalidator invalidates auth-related caches after security-sensitive writes.
type AuthCacheInvalidator interface {
	InvalidateUserState(userID int64)
	InvalidateUserPerms(userID int64)
}

type nopAuthCacheInvalidator struct{}

func (nopAuthCacheInvalidator) InvalidateUserState(int64) {}
func (nopAuthCacheInvalidator) InvalidateUserPerms(int64) {}

func normalizeAuthCacheInvalidator(invalidator AuthCacheInvalidator) AuthCacheInvalidator {
	if invalidator == nil {
		return nopAuthCacheInvalidator{}
	}
	return invalidator
}

func collectSortedUniqueUserIDs(ctx context.Context, idsFunc func(context.Context) ([]int64, error), fallback func(context.Context) ([]int64, error)) ([]int64, error) {
	ids, err := idsFunc(ctx)
	if err != nil && fallback != nil {
		ids, err = fallback(ctx)
	}
	if err != nil {
		return nil, err
	}
	if len(ids) == 0 {
		return []int64{}, nil
	}
	seen := make(map[int64]struct{}, len(ids))
	unique := make([]int64, 0, len(ids))
	for _, id := range ids {
		if _, ok := seen[id]; ok {
			continue
		}
		seen[id] = struct{}{}
		unique = append(unique, id)
	}
	sort.Slice(unique, func(i, j int) bool { return unique[i] < unique[j] })
	return unique, nil
}