from django.utils.deprecation import MiddlewareMixin
from django.shortcuts import redirect
from django.urls import reverse
from django.contrib import messages

class RoleMiddleware(MiddlewareMixin):
    """
    Middleware to handle role-based access control
    Adds user role to request context for templates
    """
    
    def process_request(self, request):
        """Process the request before it reaches the view"""
        # Skip for anonymous users
        if not request.user.is_authenticated:
            return None
            
        # Skip for static files
        if request.path.startswith('/static/'):
            return None
            
        # Add user role to request if profile exists
        if hasattr(request.user, 'profile'):
            request.user_role = request.user.profile.role
        else:
            # If authenticated but no profile, logout path is allowed
            if request.path != reverse('logout'):
                messages.error(request, "Seu perfil não está configurado corretamente. Contate o administrador.")
                return redirect('logout')
        
        return None