import { ReactNode } from 'react';
import { Header } from '@/components/layout/Header';
import { SiteFooter } from '@/components/layout/Footer';
import { getServerSession } from "next-auth";
import { authOptions } from "@/app/api/auth/[...nextauth]/route";
import { verifyNonsapPermission } from "@/lib/nonsap/auth-service";
import { PermissionChecker } from "@/components/common/permission-checker";

export default async function EvcpLayout({ children }: { children: ReactNode }) {
    const session = await getServerSession(authOptions);
    
    let isAuthorized = true;
    let authMessage = "";

    // Skip permission check if environment variable is set
    const skipPermissionCheck = process.env.SKIP_ORACLE_PERMISSION_CHECK === 'true';

    // Only check permission if user is logged in and check is not skipped
    if (session?.user?.id && !skipPermissionCheck) {
        try {
            const result = await verifyNonsapPermission(
                parseInt(session.user.id), 
                ['SEARCH']
            );
            isAuthorized = result.authorized;
            authMessage = result.message || "";
        } catch (error) {
            console.error("Permission check failed:", error);
            // Default to true in case of error to avoid blocking access due to system error
            // but logic could be changed to false for strict security
            isAuthorized = true;
            authMessage = "Permission check error"; 
        }
    }

    return (
        <div className="relative flex min-h-svh flex-col bg-background">
        {/* <div className="relative flex min-h-svh flex-col bg-slate-100 "> */}
            <Header />
            {!skipPermissionCheck && (
                <PermissionChecker authorized={isAuthorized} message={authMessage} />
            )}
            <main className="flex flex-1 flex-col">
                <div className='container-wrapper'>
                        {children}
                </div>
            </main>
            <SiteFooter/>
        </div>
    );
}