# frozen_string_literal: true

require 'sinatra/base'

module InfisicalLicenseServer::API
  class LicenseServerV1 < Sinatra::Base
    # https://github.com/Infisical/infisical/blob/main/backend/src/ee/services/license/licence-enums.ts
    HEADERS = %w[Allowed Used].freeze
    ROWS = [
      { name: "Organization identity limit", field: "identityLimit" },
      { name: "Project limit", field: "workspaceLimit" },
      { name: "Environment limit", field: "environmentLimit" },
      { name: "Secret versioning", field: "secretVersioning" },
      { name: "Point in time recovery", field: "pitRecovery" },
      { name: "RBAC", field: "rbac" },
      { name: "Custom rate limits", field: "customRateLimits" },
      { name: "Custom alerts", field: "customAlerts" },
      { name: "Audit logs", field: "auditLogs" },
      { name: "SAML SSO", field: "samlSSO" },
      { name: "SSH Host Groups", field: "sshHostGroups" },
      { name: "Hardware Security Module (HSM)", field: "hsm" },
      { name: "OIDC SSO", field: "oidcSSO" },
      { name: "Secret approvals", field: "secretApproval" },
      { name: "Secret rotation", field: "secretRotation" },
      { name: "Instance User Management", field: "instanceUserManagement" },
      { name: "External KMS", field: "externalKms" }
    ].freeze

    configure :development do
      require 'sinatra/reloader'
      register Sinatra::Reloader
    end

    enable :logging

    get '/customers/on-prem-plan/table' do
      auth = request.get_header('HTTP_AUTHORIZATION')
      error 401 unless InfisicalLicenseServer.config.auth? auth

      plan = InfisicalLicenseServer.config.plan_for(auth)
      error 500 unless plan

      {
        head: HEADERS.map { |head| { name: head } },
        rows: ROWS.map do |row|
          {
            name: row[:name],
            allowed: row[:field].end_with?('Limit') ? true : (plan['merged'][row[:field]] || false),
          }
        end
      }.to_json
    end
  end
end