<?php

namespace App\Livewire;

use Livewire\Component;
use Livewire\WithPagination;
use App\Models\Project;
use Illuminate\Support\Facades\Auth;

class ProjectList extends Component
{
    use WithPagination;

    public $search = '';
    public $statusFilter = '';

    public function deleteProject($id)
    {
        $user = Auth::user();
        if (!$user->can('delete projects')) {
            session()->flash('error', 'Sin permisos para eliminar proyectos.');
            return;
        }
        // Scope to accessible projects to prevent IDOR (deleting another user's project by ID)
        $project = Project::accessibleBy($user)->findOrFail($id);
        $project->delete();
        session()->flash('message', 'Proyecto eliminado');
    }

    public function render()
    {
        $query = Project::accessibleBy(Auth::user());
        if ($this->search) {
            $query->where('name', 'like', '%' . $this->search . '%');
        }
        if ($this->statusFilter) {
            $query->where('status', $this->statusFilter);
        }
        $projects = $query->with('phases')->latest()->paginate(10);
        return view('livewire.projects.project-list', ['projects' => $projects]);
    }
}