package repositories

import (
	"git.secnex.io/secnex/certman/models"
	"gorm.io/gorm"
)

type CertificateRepository struct {
	db *gorm.DB
}

// NewCertificateRepository creates a new certificate repository
func NewCertificateRepository(db *gorm.DB) *CertificateRepository {
	return &CertificateRepository{db: db}
}

// GetByID returns a certificate by their ID
func (r *CertificateRepository) GetByID(id string) (models.Certificate, error) {
	var cert models.Certificate
	if err := r.db.First(&cert, id).Error; err != nil {
		return models.Certificate{}, err
	}
	return cert, nil
}

// GetAll returns all certificates
func (r *CertificateRepository) GetAll() ([]models.Certificate, error) {
	var certs []models.Certificate
	if err := r.db.Find(&certs).Error; err != nil {
		return []models.Certificate{}, err
	}
	return certs, nil
}

// Create creates a new certificate
func (r *CertificateRepository) Create(cert models.Certificate) error {
	return r.db.Create(&cert).Error
}

// Update updates a certificate
func (r *CertificateRepository) Update(cert models.Certificate) error {
	return r.db.Save(&cert).Error
}

// Delete deletes a certificate by their ID
func (r *CertificateRepository) Delete(id string) error {
	return r.db.Delete(&models.Certificate{}, id).Error
}

// HardDelete deletes a certificate by their ID
func (r *CertificateRepository) HardDelete(cert models.Certificate) error {
	return r.db.Unscoped().Delete(&cert).Error
}

// GetByType returns certificates by type
func (r *CertificateRepository) GetByType(certType models.CertificateType) ([]models.Certificate, error) {
	var certs []models.Certificate
	if err := r.db.Where("type = ?", certType).Find(&certs).Error; err != nil {
		return []models.Certificate{}, err
	}
	return certs, nil
}

// GetByCA returns certificates issued by a specific CA
func (r *CertificateRepository) GetByCA(caID string) ([]models.Certificate, error) {
	var certs []models.Certificate
	if err := r.db.Where("certificate_authority_id = ?", caID).Find(&certs).Error; err != nil {
		return []models.Certificate{}, err
	}
	return certs, nil
}

// GetByStatus returns certificates by status
func (r *CertificateRepository) GetByStatus(status models.CertificateStatus) ([]models.Certificate, error) {
	var certs []models.Certificate
	if err := r.db.Where("status = ?", status).Find(&certs).Error; err != nil {
		return []models.Certificate{}, err
	}
	return certs, nil
}

// GetActive returns all active certificates
func (r *CertificateRepository) GetActive() ([]models.Certificate, error) {
	return r.GetByStatus(models.CertificateStatusActive)
}

// GetRevoked returns all revoked certificates
func (r *CertificateRepository) GetRevoked() ([]models.Certificate, error) {
	return r.GetByStatus(models.CertificateStatusRevoked)
}

// GetExpired returns all expired certificates
func (r *CertificateRepository) GetExpired() ([]models.Certificate, error) {
	return r.GetByStatus(models.CertificateStatusExpired)
}

// GetPending returns all pending certificates
func (r *CertificateRepository) GetPending() ([]models.Certificate, error) {
	return r.GetByStatus(models.CertificateStatusPending)
}