package controllers

import (
	"net/http"
	"officeHours/config"
	"officeHours/models"
)

// BaseHandler will hold everything that controller needs
type BaseHandler struct {
	roomRepo       models.RoomRepository
	officeHourRepo models.OfficeHourRepository
	courseRepo     models.CourseRepository
	tutorRepo      models.TutorRepository
	requestRepo    models.RequestRepository
	config         config.Config
}

// NewBaseHandler returns a new BaseHandler
func NewBaseHandler(roomRepo models.RoomRepository,
	officeHourRepo models.OfficeHourRepository,
	courseRepo models.CourseRepository,
	tutorRepo models.TutorRepository,
	requestRepo models.RequestRepository,
	config config.Config) *BaseHandler {
	return &BaseHandler{roomRepo, officeHourRepo, courseRepo, tutorRepo, requestRepo, config}
}

func SendSecurityHeaders(w http.ResponseWriter, req *http.Request) {
	w.Header().Set("X-Frame-Options", "DENY")
	w.Header().Set("Content-Security-Policy", "default-src 'none'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; base-uri 'none'; form-action 'self'; frame-ancestors 'none'")
	w.Header().Set("X-Content-Type-Options", "nosniff")
	w.Header().Set("Referrer-Policy", "same-origin")
	w.Header().Set("X-XSS-Protection", "1; mode=block")
}