from fastapi import APIRouter, Depends, HTTPException, Query
from typing import List, Optional

import db
import auth_utils

router = APIRouter(prefix="/admin", tags=["admin"])


@router.get("/audit-logs")
async def get_audit_logs(
    page: int = Query(1, ge=1),
    size: int = Query(50, ge=1, le=100),
    action: Optional[str] = None,
    token: str = Depends(auth_utils.oauth2_scheme),
):
    """Return one page of audit-log rows, newest first, plus the total count.

    Args:
        page: 1-based page number (validated as >= 1 by FastAPI).
        size: Rows per page (validated as 1..100 by FastAPI).
        action: Optional exact-match filter on the ``action`` column; an
            empty string is treated the same as no filter.
        token: Bearer token supplied through ``auth_utils.oauth2_scheme``.

    Returns:
        A dict with keys ``logs``, ``total``, ``page`` and ``size``.

    Raises:
        HTTPException: 403 when the token yields no payload or the payload's
            ``role`` is not ``admin``.
    """
    # Authorization gate. A token that fails to decode gets the same 403 as a
    # valid non-admin token.
    # NOTE(review): the role claim is trusted as returned by
    # auth_utils.decode_token; confirm that helper verifies signature and
    # expiry before handing back a payload.
    claims = auth_utils.decode_token(token)
    if not (claims and claims.get("role") == "admin"):
        raise HTTPException(status_code=403, detail="Admin role required")

    skip = (page - 1) * size

    # NOTE(review): a.* forwards every audit_logs column to the client;
    # confirm none of them hold secrets — the schema is not visible here.
    select_sql = (
        " SELECT a.*, u.email as user_email"
        " FROM audit_logs a"
        " LEFT JOIN users u ON a.user_id = u.id "
    )

    # Only fixed SQL fragments are concatenated; the caller-supplied `action`
    # and the paging numbers travel as bound parameters, never as SQL text.
    if action:
        where_sql, filter_args = " WHERE a.action = %s", (action,)
    else:
        where_sql, filter_args = "", ()

    # NOTE(review): created_at is the only sort key, so rows sharing a
    # timestamp may shift between pages; confirm whether a unique
    # tie-breaker column is available.
    page_sql = select_sql + where_sql + " ORDER BY a.created_at DESC LIMIT %s OFFSET %s"

    # NOTE(review): execute_query is called without await inside an async
    # handler; if it blocks on the database it stalls the event loop — confirm.
    rows = db.execute_query(page_sql, filter_args + (size, skip))

    # Total for pagination: same filter as the page query, but against the
    # bare table, so the column is unqualified.
    count_sql = "SELECT COUNT(*) as total FROM audit_logs"
    if action:
        count_rows = db.execute_query(count_sql + " WHERE action = %s", (action,))
    else:
        count_rows = db.execute_query(count_sql)

    return {
        "logs": rows,
        "total": count_rows[0]['total'],
        "page": page,
        "size": size,
    }