import * as plugins from '../../plugins.ts';
import type { OpsServer } from '../classes.opsserver.ts';
import * as interfaces from '../../../ts_interfaces/index.ts';
import { requireValidIdentity } from '../helpers/guards.ts';

export class CredentialsHandler {
  public typedrouter = new plugins.typedrequest.TypedRouter();

  constructor(private opsServerRef: OpsServer) {
    this.opsServerRef.typedrouter.addTypedRouter(this.typedrouter);
    this.registerHandlers();
  }

  private registerHandlers(): void {
    // Get credentials (secrets masked)
    this.typedrouter.addTypedHandler(
      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetCredentials>(
        'getCredentials',
        async (dataArg) => {
          await requireValidIdentity(this.opsServerRef.adminHandler, dataArg);
          const credentials = this.opsServerRef.objectStorageRef.config.accessCredentials.map(
            (cred) => ({
              accessKeyId: cred.accessKeyId,
              secretAccessKey: cred.secretAccessKey.slice(0, 4) + '****',
            }),
          );
          return { credentials };
        },
      ),
    );

    // Add credential
    this.typedrouter.addTypedHandler(
      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_AddCredential>(
        'addCredential',
        async (dataArg) => {
          await requireValidIdentity(this.opsServerRef.adminHandler, dataArg);
          this.opsServerRef.objectStorageRef.config.accessCredentials.push({
            accessKeyId: dataArg.accessKeyId,
            secretAccessKey: dataArg.secretAccessKey,
          });
          // Update the smartstorage auth config
          this.opsServerRef.objectStorageRef.smartstorageInstance.config.auth!.credentials =
            this.opsServerRef.objectStorageRef.config.accessCredentials;
          return { ok: true };
        },
      ),
    );

    // Remove credential
    this.typedrouter.addTypedHandler(
      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_RemoveCredential>(
        'removeCredential',
        async (dataArg) => {
          await requireValidIdentity(this.opsServerRef.adminHandler, dataArg);
          const creds = this.opsServerRef.objectStorageRef.config.accessCredentials;
          if (creds.length <= 1) {
            throw new plugins.typedrequest.TypedResponseError(
              'Cannot remove the last credential',
            );
          }
          this.opsServerRef.objectStorageRef.config.accessCredentials = creds.filter(
            (c) => c.accessKeyId !== dataArg.accessKeyId,
          );
          // Update the smartstorage auth config
          this.opsServerRef.objectStorageRef.smartstorageInstance.config.auth!.credentials =
            this.opsServerRef.objectStorageRef.config.accessCredentials;
          return { ok: true };
        },
      ),
    );
  }
}