namespace SharepointToolbox.Core.Models;

/// <summary>
/// Classifies how a user received a permission assignment.
/// </summary>
public enum AccessType
{
    /// <summary>User is directly assigned a role on the object.</summary>
    Direct,
    /// <summary>User is a member of a SharePoint group that has the role.</summary>
    Group,
    /// <summary>Permission is inherited from a parent object (not unique).</summary>
    Inherited
}

/// <summary>
/// One row in the User Access Audit results grid.
/// Represents a single permission that a specific user holds on a specific object.
/// </summary>
public record UserAccessEntry(
    string UserDisplayName,     // e.g. "Alice Smith"
    string UserLogin,           // e.g. "alice@contoso.com" or "i:0#.f|membership|alice@contoso.com"
    string SiteUrl,             // The site collection URL where this permission exists
    string SiteTitle,           // The site collection title
    string ObjectType,          // "Site Collection" | "Site" | "List" | "Folder"
    string ObjectTitle,         // Name of the list/folder/site
    string ObjectUrl,           // URL of the specific object
    string PermissionLevel,     // e.g. "Full Control", "Contribute"
    AccessType AccessType,      // Direct | Group | Inherited
    string GrantedThrough,      // "Direct Permissions" | "SharePoint Group: Members" etc.
    bool IsHighPrivilege,       // True for Full Control, Site Collection Administrator
    bool IsExternalUser         // True if login contains #EXT#
);