use actix_web::{web, HttpResponse};
use serde::Deserialize;
use utoipa::IntoParams;

use crate::api::response::{ApiResponse, ApiErrorResponse};
use crate::error::AppError;
use crate::models::repos::BranchProtectionRule;
use crate::service::AppService;
use crate::session::Session;

#[derive(Debug, Deserialize, IntoParams)]
pub struct PathParams {
    /// Workspace name (unique identifier)
    pub workspace_name: String,
    /// Repository name (unique within the workspace)
    pub repo_name: String,
}

#[derive(Debug, Deserialize, IntoParams)]
pub struct QueryParams {
    /// Maximum number of protection rules to return (default: 50, max: 100)
    pub limit: Option<i64>,
    /// Number of protection rules to skip for pagination (default: 0)
    pub offset: Option<i64>,
}

/// List branch protection rules in a repository
///
/// Returns a paginated list of all branch protection rules in the repository, sorted by pattern alphabetically.
/// Includes protection rule metadata such as:
/// - Branch name pattern (supports wildcards like "feature/*")
/// - Required approvals count
/// - Required status checks
/// - Restrictions on pushes and deletions
/// - Creator information
/// 
/// Requires read access to the repository.
#[utoipa::path(
    get,
    path = "/api/v1/workspaces/{workspace_name}/repos/{repo_name}/protection-rules",
    tag = "Repos",
    operation_id = "repoListProtectionRules",
    params(PathParams, QueryParams),
    responses(
        (status = 200, description = "Protection rules listed successfully. Returns an array of protection rule objects with metadata.", body = ApiResponse<Vec<BranchProtectionRule>>),
        (status = 401, description = "Authentication required or session expired", body = ApiErrorResponse),
        (status = 403, description = "Insufficient permissions to access this repository", body = ApiErrorResponse),
        (status = 404, description = "Repository or workspace not found", body = ApiErrorResponse),
        (status = 500, description = "Internal server error", body = ApiErrorResponse),
    ),
    security(
        ("session_cookie" = [])
    )
)]
pub async fn list_protection_rules(
    service: web::Data<AppService>,
    session: Session,
    path: web::Path<PathParams>,
    query: web::Query<QueryParams>,
) -> Result<HttpResponse, AppError> {
    let rules = service
        .repo
        .repo_protection_rules(
            &session,
            &path.workspace_name,
            &path.repo_name,
            query.limit.unwrap_or(50),
            query.offset.unwrap_or(0),
        )
        .await?;

    Ok(HttpResponse::Ok().json(ApiResponse::new(rules)))
}