'use strict';
const _ = require('lodash');
const { BusinessError, ErrorCode } = require('naf-core').Error;
module.exports = options => {
  return async function tenantCheck(ctx, next) {
    const request = ctx.request;
    if (request.method !== 'GET') {
      const tenant = _.get(request, 'header.x-tenant');
      console.log(request.body);
      // 该中间只能通过master/与内容中的_tenant字段相同 的权限进行增删改
      if (tenant !== 'master') {
        const _tenant = _.get(request.body, '_tenant');
        if (!_tenant || _tenant !== tenant) { throw new BusinessError(ErrorCode.ACCESS_DENIED, '您没有访问的权限!'); }
      }
    }
    await next();
  };
};