# import Comment from "./generated/prisma.graphql"

type Query {
  # authenticated users can information retrieve about themselves
  me: User

  # all authenticated users can retrieve a list of posts
  posts: [Post!]!
  
  comments: [Comment!]!

  # only admins can retrieve info about given users
  user(id: ID!): User
  users: [User!]!
}

type Mutation {
  # everyone can signup
  signup(firstName: String!, lastName: String!, email: String!, password: String!, admin: Boolean): AuthPayload!

  # everyone can login
  login(email: String!, password: String!): AuthPayload!

  # users can only update their own passwords
  # if `userId` is set, the user trying to update the password needs to be an admin
  updatePassword(oldPassword: String, newPassword: String!, userId: ID): User!

  # all authenticated users can create posts
  createPost(title: String!, content: String): Post!

  # only the author of a post or an admins can update it
  updatePost(id: ID!, title: String!, content: String): Post

  # only the author of a post or an admin can delete it
  deletePost(id: ID!): Post
  
  # all authenticated users can create comments
  createComment(postId: ID!, content: String!): Comment!

  # only the author of a comment or an admins can update it
  updateComment(id: ID!, postId: ID!, content: String!): Comment

  # only the author of a comment or an admin can delete it
  deleteComment(id: ID!): Comment
}

type AuthPayload {
  token: String!
  user: User!
}

# The `User` type is a reduced version ("mask") of the `User` type from the data model (and database schema).
# It does not expose the `password` `role` field.
type User {
  id: ID!
  email: String!
  firstName: String!
  lastName: String!
}

where