import { Controller, Get, Post, Delete, Body, Param, UseGuards } from '@nestjs/common';
import { ApiTags, ApiBearerAuth, ApiOperation } from '@nestjs/swagger';
import { SecretService } from './secret.service';
import { AdminAuthGuard } from '../../common/guards/admin-auth.guard';
import { AdminRolesGuard } from '../../common/guards/admin-roles.guard';
import { AdminRoles } from '../../common/decorators/admin-roles.decorator';
import type { AdminRole } from '../../common/types/admin-role.enum';

@ApiTags('admin-secret')
@Controller('admin-api/secrets')
@UseGuards(AdminAuthGuard, AdminRolesGuard)
@ApiBearerAuth()
export class SecretController {
  constructor(private readonly svc: SecretService) {}

  @Get() @AdminRoles('SUPER_ADMIN' as AdminRole) async list() { return this.svc.list() }
  @Post() @AdminRoles('SUPER_ADMIN' as AdminRole) async create(@Body() d: { name: string; provider: string; value: string; expiresAt?: string }) { return this.svc.create(d.name, d.provider, d.value, d.expiresAt) }
  @Delete(':id') @AdminRoles('SUPER_ADMIN' as AdminRole) async delete(@Param('id') id: string) { await this.svc.delete(id); return { success: true } }
  @Get('logs') @AdminRoles('SUPER_ADMIN' as AdminRole) async logs() { return this.svc.accessLogs() }
}