import { applyDecorators, UseGuards, SetMetadata } from '@nestjs/common';
import { JwtAuthGuard } from '../../auth/guards/jwt-auth.guard';

export const IS_LOOKUP_KEY = 'isLookup';

/**
 * Marks an endpoint as a reference-data lookup.
 *
 * Semantics:
 * - Any authenticated tenant user can call this endpoint.
 * - NO module permission check (bypasses PermissionGuard via metadata flag).
 * - Tenant isolation is still enforced via JwtAuthGuard + CLS context.
 *
 * Contract (enforce in the service layer):
 * - Return MINIMAL shape: { id, name/label, short_code }.
 *   Do NOT expose admin metadata (created_by, notes, audit fields, etc.).
 * - Filter out soft-deleted AND inactive rows by default.
 *
 * Use for: dropdowns, autocompletes, display labels in one module that
 * reference another module's data. Admin list pages must continue to use
 * the permissioned GET endpoint.
 *
 * Example:
 *   @Get('lookup')
 *   @Lookup()
 *   async lookup() { return this.service.findAllForLookup(); }
 */
export const Lookup = () => applyDecorators(
  SetMetadata(IS_LOOKUP_KEY, true),
  UseGuards(JwtAuthGuard),
);