admin_routes.py

"""

Flare Admin API Routes

~~~~~~~~~~~~~~~~~~~~~

Admin UI için gerekli tüm endpoint'ler

"""

import json
import hashlib
import secrets
import commentjson
from datetime import datetime, timedelta
from typing import Dict, List, Optional, Any
from pathlib import Path

from fastapi import APIRouter, HTTPException, Depends, Header
from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
from pydantic import BaseModel, Field
import jwt

from utils import log
from config_provider import ConfigProvider

# ===================== Constants & Config =====================
JWT_SECRET = "flare-admin-secret-key-change-in-production"
JWT_ALGORITHM = "HS256"
JWT_EXPIRATION_HOURS = 24

router = APIRouter(prefix="/api")
security = HTTPBearer()

# ===================== Models =====================
class LoginRequest(BaseModel):
    username: str
    password: str

class LoginResponse(BaseModel):
    token: str
    username: str

class EnvironmentUpdate(BaseModel):
    work_mode: str
    cloud_token: Optional[str] = None
    spark_endpoint: str

class ProjectCreate(BaseModel):
    name: str
    caption: Optional[str] = ""

class ProjectUpdate(BaseModel):
    caption: str
    last_update_date: str

class VersionCreate(BaseModel):
    source_version_id: int
    caption: str

class IntentModel(BaseModel):
    name: str
    caption: Optional[str] = ""
    locale: str = "tr-TR"
    detection_prompt: str
    examples: List[str] = []
    parameters: List[Dict[str, Any]] = []
    action: str
    fallback_timeout_prompt: Optional[str] = None
    fallback_error_prompt: Optional[str] = None

class VersionUpdate(BaseModel):
    caption: str
    general_prompt: str
    llm: Dict[str, Any]
    intents: List[IntentModel]
    last_update_date: str

class APICreate(BaseModel):
    name: str
    url: str
    method: str = "POST"
    headers: Dict[str, str] = {}
    body_template: Dict[str, Any] = {}
    timeout_seconds: int = 10
    retry: Dict[str, Any] = Field(default_factory=lambda: {"retry_count": 3, "backoff_seconds": 2, "strategy": "static"})
    proxy: Optional[str] = None
    auth: Optional[Dict[str, Any]] = None
    response_prompt: Optional[str] = None

class APIUpdate(BaseModel):
    url: str
    method: str
    headers: Dict[str, str]
    body_template: Dict[str, Any]
    timeout_seconds: int
    retry: Dict[str, Any]
    proxy: Optional[str]
    auth: Optional[Dict[str, Any]]
    response_prompt: Optional[str]
    last_update_date: str

class TestRequest(BaseModel):
    test_type: str  # "all", "ui", "backend", "integration", "spark"

# ===================== Helpers =====================
def hash_password(password: str) -> str:
    """Simple SHA256 hash for demo. Use bcrypt in production!"""
    return hashlib.sha256(password.encode()).hexdigest()

def verify_token(credentials: HTTPAuthorizationCredentials = Depends(security)) -> str:
    """Verify JWT token and return username"""
    try:
        payload = jwt.decode(credentials.credentials, JWT_SECRET, algorithms=[JWT_ALGORITHM])
        username = payload.get("sub")
        if username is None:
            raise HTTPException(status_code=401, detail="Invalid token")
        return username
    except jwt.ExpiredSignatureError:
        raise HTTPException(status_code=401, detail="Token expired")
    except jwt.JWTError:
        raise HTTPException(status_code=401, detail="Invalid token")

def load_config() -> Dict[str, Any]:
    """Load service_config.jsonc"""
    config_path = Path("service_config.jsonc")
    with open(config_path, 'r', encoding='utf-8') as f:
        return commentjson.load(f)

def save_config(config: Dict[str, Any]):
    """Save service_config.jsonc with pretty formatting"""
    config_path = Path("service_config.jsonc")
    with open(config_path, 'w', encoding='utf-8') as f:
        # Convert to JSON string with proper formatting
        json_str = json.dumps(config, indent=2, ensure_ascii=False)
        f.write(json_str)

def get_timestamp() -> str:
    """Get current ISO timestamp"""
    return datetime.utcnow().isoformat() + "Z"

def add_activity_log(config: Dict[str, Any], user: str, action: str, entity_type: str,

                   entity_id: Any, entity_name: str, details: str = ""):
    """Add entry to activity log"""
    if "activity_log" not in config:
        config["activity_log"] = []

    log_entry = {
        "id": len(config["activity_log"]) + 1,
        "timestamp": get_timestamp(),
        "user": user,
        "action": action,
        "entity_type": entity_type,
        "entity_id": entity_id,
        "entity_name": entity_name,
        "details": details
    }

    config["activity_log"].append(log_entry)

    # Keep only last 100 entries
    if len(config["activity_log"]) > 100:
        config["activity_log"] = config["activity_log"][-100:]

# ===================== Auth Endpoints =====================
@router.post("/login", response_model=LoginResponse)
async def login(request: LoginRequest):
    """User login"""
    config = load_config()

    # Find user
    users = config.get("config", {}).get("users", [])
    user = next((u for u in users if u["username"] == request.username), None)

    if not user:
        raise HTTPException(status_code=401, detail="Invalid credentials")

    # Verify password (simple hash for demo)
    if hash_password(request.password) != user["password_hash"]:
        raise HTTPException(status_code=401, detail="Invalid credentials")

    # Create JWT token
    expire = datetime.utcnow() + timedelta(hours=JWT_EXPIRATION_HOURS)
    payload = {
        "sub": request.username,
        "exp": expire
    }
    token = jwt.encode(payload, JWT_SECRET, algorithm=JWT_ALGORITHM)

    log(f"✅ User '{request.username}' logged in")
    return LoginResponse(token=token, username=request.username)

# ===================== Environment Endpoints =====================
@router.get("/environment")
async def get_environment(username: str = Depends(verify_token)):
    """Get environment configuration"""
    config = load_config()
    env_config = config.get("config", {})

    return {
        "work_mode": env_config.get("work_mode", "hfcloud"),
        "cloud_token": env_config.get("cloud_token", ""),
        "spark_endpoint": env_config.get("spark_endpoint", "")
    }

@router.put("/environment")
async def update_environment(env: EnvironmentUpdate, username: str = Depends(verify_token)):
    """Update environment configuration"""
    config = load_config()

    # Update config
    config["config"]["work_mode"] = env.work_mode
    config["config"]["cloud_token"] = env.cloud_token if env.work_mode != "on-premise" else ""
    config["config"]["spark_endpoint"] = env.spark_endpoint
    config["config"]["last_update_date"] = get_timestamp()
    config["config"]["last_update_user"] = username

    # Save
    save_config(config)

    # Add activity log
    add_activity_log(config, username, "UPDATE_ENVIRONMENT", "config", 0, "environment",
                    f"Work mode: {env.work_mode}")
    save_config(config)

    log(f"✅ Environment updated by {username}")
    return {"success": True}

# ===================== Project Endpoints =====================
@router.get("/projects")
async def list_projects(

    include_deleted: bool = False,

    username: str = Depends(verify_token)

):
    """List all projects"""
    config = load_config()
    projects = config.get("projects", [])

    # Filter deleted if needed
    if not include_deleted:
        projects = [p for p in projects if not p.get("deleted", False)]

    return projects

@router.post("/projects")
async def create_project(project: ProjectCreate, username: str = Depends(verify_token)):
    """Create new project"""
    config = load_config()

    # Check duplicate name
    existing = [p for p in config.get("projects", []) if p["name"] == project.name]
    if existing:
        raise HTTPException(status_code=400, detail="Project name already exists")

    # Get next ID
    config["config"]["project_id_counter"] = config["config"].get("project_id_counter", 0) + 1
    project_id = config["config"]["project_id_counter"]

    # Create project
    new_project = {
        "id": project_id,
        "name": project.name,
        "caption": project.caption,
        "enabled": True,
        "last_version_number": 0,
        "version_id_counter": 0,
        "versions": [],
        "deleted": False,
        "created_date": get_timestamp(),
        "created_by": username,
        "last_update_date": get_timestamp(),
        "last_update_user": username
    }

    if "projects" not in config:
        config["projects"] = []
    config["projects"].append(new_project)

    # Add activity log
    add_activity_log(config, username, "CREATE_PROJECT", "project", project_id, project.name)

    # Save
    save_config(config)

    log(f"✅ Project '{project.name}' created by {username}")
    return new_project

@router.put("/projects/{project_id}")
async def update_project(

    project_id: int,

    update: ProjectUpdate,

    username: str = Depends(verify_token)

):
    """Update project"""
    config = load_config()

    # Find project
    project = next((p for p in config.get("projects", []) if p["id"] == project_id), None)
    if not project:
        raise HTTPException(status_code=404, detail="Project not found")

    # Check race condition
    if project.get("last_update_date") != update.last_update_date:
        raise HTTPException(status_code=409, detail="Project was modified by another user")

    # Update
    project["caption"] = update.caption
    project["last_update_date"] = get_timestamp()
    project["last_update_user"] = username

    # Add activity log
    add_activity_log(config, username, "UPDATE_PROJECT", "project", project_id, project["name"])

    # Save
    save_config(config)

    log(f"✅ Project '{project['name']}' updated by {username}")
    return project

@router.delete("/projects/{project_id}")
async def delete_project(project_id: int, username: str = Depends(verify_token)):
    """Delete project (soft delete)"""
    config = load_config()

    # Find project
    project = next((p for p in config.get("projects", []) if p["id"] == project_id), None)
    if not project:
        raise HTTPException(status_code=404, detail="Project not found")

    # Soft delete
    project["deleted"] = True
    project["last_update_date"] = get_timestamp()
    project["last_update_user"] = username

    # Add activity log
    add_activity_log(config, username, "DELETE_PROJECT", "project", project_id, project["name"])

    # Save
    save_config(config)

    log(f"✅ Project '{project['name']}' deleted by {username}")
    return {"success": True}

@router.patch("/projects/{project_id}/toggle")
async def toggle_project(project_id: int, username: str = Depends(verify_token)):
    """Enable/disable project"""
    config = load_config()

    # Find project
    project = next((p for p in config.get("projects", []) if p["id"] == project_id), None)
    if not project:
        raise HTTPException(status_code=404, detail="Project not found")

    # Toggle
    project["enabled"] = not project.get("enabled", True)
    project["last_update_date"] = get_timestamp()
    project["last_update_user"] = username

    # Add activity log
    action = "ENABLE_PROJECT" if project["enabled"] else "DISABLE_PROJECT"
    add_activity_log(config, username, action, "project", project_id, project["name"])

    # Save
    save_config(config)

    log(f"✅ Project '{project['name']}' {'enabled' if project['enabled'] else 'disabled'} by {username}")
    return {"enabled": project["enabled"]}

# ===================== Version Endpoints =====================
@router.post("/projects/{project_id}/versions")
async def create_version(

    project_id: int,

    version: VersionCreate,

    username: str = Depends(verify_token)

):
    """Create new version from existing version"""
    config = load_config()

    # Find project
    project = next((p for p in config.get("projects", []) if p["id"] == project_id), None)
    if not project:
        raise HTTPException(status_code=404, detail="Project not found")

    # Check if there's unpublished version
    unpublished = [v for v in project.get("versions", []) if not v.get("published", False)]
    if unpublished:
        raise HTTPException(status_code=400, detail="There is already an unpublished version")

    # Find source version
    source = next((v for v in project.get("versions", []) if v["id"] == version.source_version_id), None)
    if not source:
        raise HTTPException(status_code=404, detail="Source version not found")

    # Create new version
    project["version_id_counter"] = project.get("version_id_counter", 0) + 1
    new_version = source.copy()
    new_version["id"] = project["version_id_counter"]
    new_version["caption"] = version.caption
    new_version["published"] = False
    new_version["created_date"] = get_timestamp()
    new_version["created_by"] = username
    new_version["last_update_date"] = get_timestamp()
    new_version["last_update_user"] = username
    new_version["publish_date"] = None
    new_version["published_by"] = None

    project["versions"].append(new_version)
    project["last_update_date"] = get_timestamp()
    project["last_update_user"] = username

    # Add activity log
    add_activity_log(config, username, "CREATE_VERSION", "version", new_version["id"],
                    f"{project['name']} v{new_version['id']}")

    # Save
    save_config(config)

    log(f"✅ Version {new_version['id']} created for project '{project['name']}' by {username}")
    return new_version

@router.put("/projects/{project_id}/versions/{version_id}")
async def update_version(

    project_id: int,

    version_id: int,

    update: VersionUpdate,

    username: str = Depends(verify_token)

):
    """Update version"""
    config = load_config()

    # Find project and version
    project = next((p for p in config.get("projects", []) if p["id"] == project_id), None)
    if not project:
        raise HTTPException(status_code=404, detail="Project not found")

    version = next((v for v in project.get("versions", []) if v["id"] == version_id), None)
    if not version:
        raise HTTPException(status_code=404, detail="Version not found")

    # Check if published
    if version.get("published", False):
        raise HTTPException(status_code=400, detail="Cannot update published version")

    # Check race condition
    if version.get("last_update_date") != update.last_update_date:
        raise HTTPException(status_code=409, detail="Version was modified by another user")

    # Update
    version["caption"] = update.caption
    version["general_prompt"] = update.general_prompt
    version["llm"] = update.llm
    version["intents"] = [intent.dict() for intent in update.intents]
    version["last_update_date"] = get_timestamp()
    version["last_update_user"] = username

    project["last_update_date"] = get_timestamp()
    project["last_update_user"] = username

    # Add activity log
    add_activity_log(config, username, "UPDATE_VERSION", "version", version_id,
                    f"{project['name']} v{version_id}")

    # Save
    save_config(config)

    log(f"✅ Version {version_id} updated for project '{project['name']}' by {username}")
    return version

@router.post("/projects/{project_id}/versions/{version_id}/publish")
async def publish_version(

    project_id: int,

    version_id: int,

    username: str = Depends(verify_token)

):
    """Publish version"""
    config = load_config()

    # Find project and version
    project = next((p for p in config.get("projects", []) if p["id"] == project_id), None)
    if not project:
        raise HTTPException(status_code=404, detail="Project not found")

    version = next((v for v in project.get("versions", []) if v["id"] == version_id), None)
    if not version:
        raise HTTPException(status_code=404, detail="Version not found")

    # Unpublish all other versions
    for v in project.get("versions", []):
        if v["id"] != version_id:
            v["published"] = False

    # Publish this version
    version["published"] = True
    version["publish_date"] = get_timestamp()
    version["published_by"] = username
    version["last_update_date"] = get_timestamp()
    version["last_update_user"] = username

    project["last_update_date"] = get_timestamp()
    project["last_update_user"] = username

    # Add activity log
    add_activity_log(config, username, "PUBLISH_VERSION", "version", version_id,
                    f"{project['name']} v{version_id}")

    # Save
    save_config(config)

    # TODO: Notify Spark about new version

    log(f"✅ Version {version_id} published for project '{project['name']}' by {username}")
    return {"success": True}

@router.delete("/projects/{project_id}/versions/{version_id}")
async def delete_version(

    project_id: int,

    version_id: int,

    username: str = Depends(verify_token)

):
    """Delete version (soft delete)"""
    config = load_config()

    # Find project and version
    project = next((p for p in config.get("projects", []) if p["id"] == project_id), None)
    if not project:
        raise HTTPException(status_code=404, detail="Project not found")

    version = next((v for v in project.get("versions", []) if v["id"] == version_id), None)
    if not version:
        raise HTTPException(status_code=404, detail="Version not found")

    # Cannot delete published version
    if version.get("published", False):
        raise HTTPException(status_code=400, detail="Cannot delete published version")

    # Soft delete
    version["deleted"] = True
    version["last_update_date"] = get_timestamp()
    version["last_update_user"] = username

    project["last_update_date"] = get_timestamp()
    project["last_update_user"] = username

    # Add activity log
    add_activity_log(config, username, "DELETE_VERSION", "version", version_id,
                    f"{project['name']} v{version_id}")

    # Save
    save_config(config)

    log(f"✅ Version {version_id} deleted for project '{project['name']}' by {username}")
    return {"success": True}

# ===================== API Endpoints =====================
@router.get("/apis")
async def list_apis(

    include_deleted: bool = False,

    username: str = Depends(verify_token)

):
    """List all APIs"""
    config = load_config()
    apis = config.get("apis", [])

    # Filter deleted if needed
    if not include_deleted:
        apis = [a for a in apis if not a.get("deleted", False)]

    return apis

@router.post("/apis")
async def create_api(api: APICreate, username: str = Depends(verify_token)):
    """Create new API"""
    config = load_config()

    # Check duplicate name
    existing = [a for a in config.get("apis", []) if a["name"] == api.name]
    if existing:
        raise HTTPException(status_code=400, detail="API name already exists")

    # Create API
    new_api = api.dict()
    new_api["deleted"] = False
    new_api["created_date"] = get_timestamp()
    new_api["created_by"] = username
    new_api["last_update_date"] = get_timestamp()
    new_api["last_update_user"] = username

    if "apis" not in config:
        config["apis"] = []
    config["apis"].append(new_api)

    # Add activity log
    add_activity_log(config, username, "CREATE_API", "api", api.name, api.name)

    # Save
    save_config(config)

    log(f"✅ API '{api.name}' created by {username}")
    return new_api

@router.put("/apis/{api_name}")
async def update_api(

    api_name: str,

    update: APIUpdate,

    username: str = Depends(verify_token)

):
    """Update API"""
    config = load_config()

    # Find API
    api = next((a for a in config.get("apis", []) if a["name"] == api_name), None)
    if not api:
        raise HTTPException(status_code=404, detail="API not found")

    # Check race condition
    if api.get("last_update_date") != update.last_update_date:
        raise HTTPException(status_code=409, detail="API was modified by another user")

    # Check if API is in use
    for project in config.get("projects", []):
        for version in project.get("versions", []):
            for intent in version.get("intents", []):
                if intent.get("action") == api_name and version.get("published", False):
                    raise HTTPException(status_code=400,
                                      detail=f"API is used in published version of project '{project['name']}'")

    # Update
    update_dict = update.dict()
    del update_dict["last_update_date"]
    api.update(update_dict)
    api["last_update_date"] = get_timestamp()
    api["last_update_user"] = username

    # Add activity log
    add_activity_log(config, username, "UPDATE_API", "api", api_name, api_name)

    # Save
    save_config(config)

    log(f"✅ API '{api_name}' updated by {username}")
    return api

@router.delete("/apis/{api_name}")
async def delete_api(api_name: str, username: str = Depends(verify_token)):
    """Delete API (soft delete)"""
    config = load_config()

    # Find API
    api = next((a for a in config.get("apis", []) if a["name"] == api_name), None)
    if not api:
        raise HTTPException(status_code=404, detail="API not found")

    # Check if API is in use
    for project in config.get("projects", []):
        for version in project.get("versions", []):
            for intent in version.get("intents", []):
                if intent.get("action") == api_name:
                    raise HTTPException(status_code=400,
                                      detail=f"API is used in project '{project['name']}'")

    # Soft delete
    api["deleted"] = True
    api["last_update_date"] = get_timestamp()
    api["last_update_user"] = username

    # Add activity log
    add_activity_log(config, username, "DELETE_API", "api", api_name, api_name)

    # Save
    save_config(config)

    log(f"✅ API '{api_name}' deleted by {username}")
    return {"success": True}

# ===================== Test Endpoints =====================
@router.post("/apis/test")
async def test_api(api: APICreate, username: str = Depends(verify_token)):
    """Test API endpoint"""
    import requests

    try:
        # Prepare request
        headers = api.headers.copy()

        # Make request
        response = requests.request(
            method=api.method,
            url=api.url,
            headers=headers,
            json=api.body_template if api.method in ["POST", "PUT", "PATCH"] else None,
            params=api.body_template if api.method == "GET" else None,
            timeout=api.timeout_seconds
        )

        return {
            "success": True,
            "status_code": response.status_code,
            "response_time_ms": int(response.elapsed.total_seconds() * 1000),
            "headers": dict(response.headers),
            "body": response.text[:1000]  # First 1000 chars
        }
    except Exception as e:
        return {
            "success": False,
            "error": str(e)
        }

@router.get("/activity-log")
async def get_activity_log(

    limit: int = 50,

    username: str = Depends(verify_token)

):
    """Get activity log"""
    config = load_config()
    logs = config.get("activity_log", [])

    # Return last N entries
    return logs[-limit:]

@router.post("/test/run-all")
async def run_all_tests(test: TestRequest, username: str = Depends(verify_token)):
    """Run all tests"""
    # This is a placeholder - in real implementation, this would run actual tests
    log(f"🧪 Running {test.test_type} tests requested by {username}")

    # Simulate test results
    results = {
        "test_type": test.test_type,
        "start_time": get_timestamp(),
        "tests": [
            {"name": "Login with valid credentials", "status": "PASS", "duration_ms": 120},
            {"name": "Create new project", "status": "PASS", "duration_ms": 340},
            {"name": "Delete API in use", "status": "PASS", "duration_ms": 45},
            {"name": "Race condition detection", "status": "PASS", "duration_ms": 567},
            {"name": "Invalid token handling", "status": "PASS", "duration_ms": 23}
        ],
        "summary": {
            "total": 5,
            "passed": 5,
            "failed": 0,
            "duration_ms": 1095
        }
    }

    return results

@router.post("/validate/regex")
async def validate_regex(pattern: str, test_value: str, username: str = Depends(verify_token)):
    """Validate regex pattern"""
    import re

    try:
        compiled = re.compile(pattern)
        match = compiled.fullmatch(test_value)
        return {
            "valid": True,
            "matches": match is not None
        }
    except re.error as e:
        return {
            "valid": False,
            "error": str(e)
        }

# ===================== Export/Import =====================
@router.get("/projects/{project_id}/export")
async def export_project(project_id: int, username: str = Depends(verify_token)):
    """Export project as JSON"""
    config = load_config()

    # Find project
    project = next((p for p in config.get("projects", []) if p["id"] == project_id), None)
    if not project:
        raise HTTPException(status_code=404, detail="Project not found")

    # Collect all related APIs
    api_names = set()
    for version in project.get("versions", []):
        for intent in version.get("intents", []):
            api_names.add(intent.get("action"))

    apis = [a for a in config.get("apis", []) if a["name"] in api_names]

    # Create export
    export_data = {
        "export_date": get_timestamp(),
        "exported_by": username,
        "project": project,
        "apis": apis
    }

    log(f"📤 Project '{project['name']}' exported by {username}")
    return export_data

@router.post("/projects/import")
async def import_project(data: Dict[str, Any], username: str = Depends(verify_token)):
    """Import project from JSON"""
    config = load_config()

    # Extract project and APIs
    project_data = data.get("project", {})
    apis_data = data.get("apis", [])

    # Check duplicate project name
    existing = [p for p in config.get("projects", []) if p["name"] == project_data.get("name")]
    if existing:
        # Generate new name
        project_data["name"] = f"{project_data['name']}_imported_{int(datetime.now().timestamp())}"

    # Generate new IDs
    config["config"]["project_id_counter"] = config["config"].get("project_id_counter", 0) + 1
    project_data["id"] = config["config"]["project_id_counter"]

    # Reset version IDs
    version_counter = 0
    for version in project_data.get("versions", []):
        version_counter += 1
        version["id"] = version_counter
        version["published"] = False  # Imported versions are unpublished

    project_data["version_id_counter"] = version_counter
    project_data["created_date"] = get_timestamp()
    project_data["created_by"] = username
    project_data["last_update_date"] = get_timestamp()
    project_data["last_update_user"] = username

    # Import APIs
    imported_apis = []
    for api_data in apis_data:
        # Check if API already exists
        existing_api = next((a for a in config.get("apis", []) if a["name"] == api_data.get("name")), None)
        if not existing_api:
            api_data["created_date"] = get_timestamp()
            api_data["created_by"] = username
            api_data["last_update_date"] = get_timestamp()
            api_data["last_update_user"] = username
            api_data["deleted"] = False
            config["apis"].append(api_data)
            imported_apis.append(api_data["name"])

    # Add project
    config["projects"].append(project_data)

    # Add activity log
    add_activity_log(config, username, "IMPORT_PROJECT", "project", project_data["id"],
                    project_data["name"], f"Imported with {len(imported_apis)} APIs")

    # Save
    save_config(config)

    log(f"📥 Project '{project_data['name']}' imported by {username}")
    return {
        "success": True,
        "project_name": project_data["name"],
        "project_id": project_data["id"],
        "imported_apis": imported_apis
    }