package storage

import (
	"context"

	"atcr.io/pkg/appview/readme"
	"atcr.io/pkg/atproto"
	"atcr.io/pkg/auth"
	"atcr.io/pkg/auth/oauth"
)

// PushWebhookDispatcher dispatches push event webhooks.
// Defined here (in storage) to avoid import cycles with the webhooks package.
type PushWebhookDispatcher interface {
	DispatchForPush(ctx context.Context, event PushWebhookEvent)
}

// ManifestReferenceChecker checks if a manifest digest is referenced as a child
// of a manifest list (multi-arch image). Used to protect manifest list children
// from auto-removal when their parent list is still tagged.
type ManifestReferenceChecker interface {
	IsManifestReferenced(did, digest string) (bool, error)
}

// PushWebhookEvent contains the data needed to dispatch a push webhook.
type PushWebhookEvent struct {
	OwnerDID     string
	OwnerHandle  string
	PusherDID    string
	PusherHandle string
	Repository   string
	Tag          string
	Digest       string
	MediaType    string
	HoldDID      string
	HoldEndpoint string
}

// HoldDIDLookup interface for querying and updating hold DIDs in manifests
type HoldDIDLookup interface {
	GetLatestHoldDIDForRepo(did, repository string) (string, error)
	UpdateManifestHoldDID(did, oldHoldDID, newHoldDID string) (int64, error)
	GetDistinctManifestHoldDIDs(did string) ([]string, error)
}

// RegistryContext bundles all the context needed for registry operations
// This includes both per-request data (DID, hold) and shared services
type RegistryContext struct {
	// Per-request identity and routing information
	// Owner = the user whose repository is being accessed
	// Puller = the authenticated user making the request (from JWT Subject)
	DID               string          // Owner's DID - whose repo is being accessed (e.g., "did:plc:abc123")
	Handle            string          // Owner's handle (e.g., "alice.bsky.social")
	HoldDID           string          // Hold service DID (e.g., "did:web:hold01.atcr.io" or "did:plc:abc123")
	HoldURL           string          // Resolved HTTP URL for the hold service
	PDSEndpoint       string          // Owner's PDS endpoint URL
	Repository        string          // Image repository name (e.g., "debian")
	ServiceToken      string          // Service token for hold authentication (from puller's PDS)
	ATProtoClient     *atproto.Client // Authenticated ATProto client for the owner
	AuthMethod        string          // Auth method used ("oauth" or "app_password")
	PullerDID         string          // Puller's DID - who is making the request (from JWT Subject)
	PullerPDSEndpoint string          // Puller's PDS endpoint URL
	HasPushScope      bool            // Whether the JWT token has push scope (used to filter pull stats)

	// Per-request user preferences
	AutoRemoveUntagged bool // Whether to auto-delete untagged manifests on tag overwrite

	// Shared services (same for all requests)
	Database           HoldDIDLookup            // Database for hold DID lookups
	Authorizer         auth.HoldAuthorizer      // Hold access authorization
	Refresher          *oauth.Refresher         // OAuth session manager
	ReadmeFetcher      *readme.Fetcher          // README fetcher for repo pages
	WebhookDispatcher  PushWebhookDispatcher    // Push webhook dispatcher (nil if not configured)
	ManifestRefChecker ManifestReferenceChecker // Checks if digest is a manifest list child (nil-safe)
}