using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using ROLAC.API.Authorization;
using ROLAC.API.DTOs.Logging;
using ROLAC.API.Services.Logging;

namespace ROLAC.API.Controllers;

[ApiController]
[Route("api/audit-logs")]
[Authorize]
public class AuditLogsController : ControllerBase
{
    private readonly IAuditLogQueryService _svc;
    public AuditLogsController(IAuditLogQueryService svc) => _svc = svc;

    [HttpGet]
    [HasPermission(Modules.AuditLogs, PermissionActions.Read)]
    public async Task<IActionResult> GetPaged([FromQuery] AuditLogQuery query)
        => Ok(await _svc.GetPagedAsync(query));

    [HttpGet("{id:long}")]
    [HasPermission(Modules.AuditLogs, PermissionActions.Read)]
    public async Task<IActionResult> GetById(long id)
    {
        var dto = await _svc.GetByIdAsync(id);
        return dto is null ? NotFound() : Ok(dto);
    }

    /// <summary>Category / action / level option lists for the filter UI.</summary>
    [HttpGet("catalog")]
    [HasPermission(Modules.AuditLogs, PermissionActions.Read)]
    public IActionResult GetCatalog() => Ok(_svc.GetCatalog());
}