portal/app/resources/js/api/admin.ts

import { apiClient, ensureCsrfCookie } from './client';

/**
 * API-вызовы для админских endpoint'ов SaaS (см. ImpersonationController).
 *
 * На MVP вызываются без auth:saas-admin middleware (см. routes/web.php).
 * Production: middleware('auth:saas-admin') + cookie session — apiClient уже
 * настроен на withCredentials.
 */

export interface ImpersonationInitPayload {
    tenant_id: number;
    requested_by: number; // на MVP параметром; на prod — request()->user()->id
    reason: string; // ≥30 chars (валидируется на backend)
}

export interface ImpersonationInitResponse {
    token_id: number;
    expires_at: string; // ISO8601
    sent_to_email: string;
    /** dev-only: исчезнет после интеграции MailService на prod */
    _dev_plain_code?: string;
}

export async function impersonationInit(payload: ImpersonationInitPayload): Promise<ImpersonationInitResponse> {
    await ensureCsrfCookie();
    const { data } = await apiClient.post<ImpersonationInitResponse>('/api/admin/impersonation/init', payload);
    return data;
}

export interface ImpersonationVerifyPayload {
    token_id: number;
    code: string; // 6 цифр
}

export interface ImpersonationVerifyResponse {
    token_id: number;
    tenant_id: number;
    used_at: string;
    message: string;
}

export async function impersonationVerify(payload: ImpersonationVerifyPayload): Promise<ImpersonationVerifyResponse> {
    await ensureCsrfCookie();
    const { data } = await apiClient.post<ImpersonationVerifyResponse>('/api/admin/impersonation/verify', payload);
    return data;
}

export interface ImpersonationEndResponse {
    token_id: number;
    session_ended_at: string;
    message: string;
}

export async function impersonationEnd(tokenId: number): Promise<ImpersonationEndResponse> {
    await ensureCsrfCookie();
    const { data } = await apiClient.post<ImpersonationEndResponse>('/api/admin/impersonation/end', {
        token_id: tokenId,
    });
    return data;
}

export interface ImpersonationActiveSession {
    token_id: number;
    tenant_id: number;
    tenant_name: string | null;
    requested_by: number;
    reason: string;
    sent_to_email: string;
    used_at: string;
    expires_at: string;
}

export interface ImpersonationRecentSession {
    token_id: number;
    tenant_id: number;
    tenant_name: string | null;
    requested_by: number;
    reason: string;
    used_at: string;
    session_ended_at: string;
    duration_seconds: number | null;
}

export async function impersonationActive(): Promise<ImpersonationActiveSession[]> {
    const { data } = await apiClient.get<{ sessions: ImpersonationActiveSession[] }>('/api/admin/impersonation/active');
    return data.sessions;
}

export async function impersonationRecent(): Promise<ImpersonationRecentSession[]> {
    const { data } = await apiClient.get<{ sessions: ImpersonationRecentSession[] }>('/api/admin/impersonation/recent');
    return data.sessions;
}

// === SaaS-admin → Система: system_settings edit-flow ===

export interface SystemSetting {
    key: string;
    value: string;
    type: 'int' | 'string' | 'decimal' | 'bool' | 'json';
    description: string | null;
    updated_at: string;
    updated_by: number | null;
}

export async function listSystemSettings(): Promise<SystemSetting[]> {
    const { data } = await apiClient.get<{ settings: SystemSetting[] }>('/api/admin/system-settings');
    return data.settings;
}

export interface UpdateSystemSettingPayload {
    value: string;
    reason: string; // ≥30 chars
    admin_user_id: number; // на prod удалится
}

export interface UpdateSystemSettingResponse {
    key: string;
    value: string;
    previous_value: string;
    updated_at: string;
    message: string;
}

export async function updateSystemSetting(
    key: string,
    payload: UpdateSystemSettingPayload,
): Promise<UpdateSystemSettingResponse> {
    await ensureCsrfCookie();
    const { data } = await apiClient.put<UpdateSystemSettingResponse>(
        `/api/admin/system-settings/${encodeURIComponent(key)}`,
        payload,
    );
    return data;
}