/*
 * Ginxsom Admin Commands Interface
 *
 * Handles encrypted admin commands sent via Kind 23458 events
 * and generates encrypted responses as Kind 23459 events.
 */

#ifndef ADMIN_COMMANDS_H
#define ADMIN_COMMANDS_H

#include <cjson/cJSON.h>

// Command handler result codes
typedef enum {
    ADMIN_CMD_SUCCESS = 0,
    ADMIN_CMD_ERROR_PARSE = -1,
    ADMIN_CMD_ERROR_UNKNOWN = -2,
    ADMIN_CMD_ERROR_INVALID = -3,
    ADMIN_CMD_ERROR_DATABASE = -4,
    ADMIN_CMD_ERROR_PERMISSION = -5
} admin_cmd_result_t;

// Initialize admin command system
int admin_commands_init(const char *db_path);

// Process an admin command and generate response
// Returns cJSON response object (caller must free with cJSON_Delete)
cJSON* admin_commands_process(cJSON* command_array, const char* request_event_id);

// Individual command handlers
cJSON* admin_cmd_config_query(cJSON* args);
cJSON* admin_cmd_config_update(cJSON* args);
cJSON* admin_cmd_stats_query(cJSON* args);
cJSON* admin_cmd_system_status(cJSON* args);
cJSON* admin_cmd_blob_list(cJSON* args);
cJSON* admin_cmd_storage_stats(cJSON* args);
cJSON* admin_cmd_sql_query(cJSON* args);
cJSON* admin_cmd_query_view(cJSON* args);

// Auth rules management handlers (c-relay compatible)
cJSON* admin_cmd_auth_add_rule(cJSON* args);
cJSON* admin_cmd_auth_delete_rule(cJSON* args);
cJSON* admin_cmd_auth_query(cJSON* args);

// NIP-44 encryption/decryption helpers
int admin_encrypt_response(
    const unsigned char* server_privkey,
    const unsigned char* admin_pubkey,
    const char* plaintext_json,
    char* output,
    size_t output_size
);

int admin_decrypt_command(
    const unsigned char* server_privkey,
    const unsigned char* admin_pubkey,
    const char* encrypted_data,
    char* output,
    size_t output_size
);

#endif /* ADMIN_COMMANDS_H */