import { Navigate, useLocation } from "react-router-dom";
import { useAuth } from "@/contexts/AuthContext";

interface RequireAccessProps {
  allowedRealms?: Array<"game_developer" | "client" | "community_member" | "customer" | "staff">;
  allowedRoles?: string[];
  children: React.ReactElement;
}

export default function RequireAccess({ allowedRealms, allowedRoles, children }: RequireAccessProps) {
  const { user, profile, roles } = useAuth();
  const location = useLocation();

  const realmOk = !allowedRealms || allowedRealms.includes((profile as any)?.user_type);
  const rolesOk = !allowedRoles || (Array.isArray(roles) && roles.some(r => allowedRoles.includes(r.toLowerCase())));

  if (!user) return <Navigate to={`/onboarding?next=${encodeURIComponent(location.pathname + location.search)}`} replace />;
  if (!realmOk || !rolesOk) return <Navigate to="/realms" replace />;

  return children;
}