using Microsoft.CodeAnalysis;
using Microsoft.CodeAnalysis.CSharp.Scripting;
using Microsoft.CodeAnalysis.Scripting;
using Microsoft.Extensions.Logging;
using ZB.MOM.WW.ScadaBridge.Commons.Types;
using ZB.MOM.WW.ScadaBridge.ScriptAnalysis;

namespace ZB.MOM.WW.ScadaBridge.SiteRuntime.Scripts;

/// <summary>
/// WP-19: Script Trust Model — compiles C# scripts using Roslyn with restricted API access.
/// The forbidden-API verdict is delegated to the shared authoritative
/// <see cref="ScriptTrustValidator"/> (M3.1 consolidation); this service keeps the real
/// execution-path compile of the script against <see cref="ScriptGlobals"/> /
/// <see cref="TriggerExpressionGlobals"/>.
/// </summary>
public class ScriptCompilationService
{
    private readonly ILogger<ScriptCompilationService> _logger;

    /// <summary>Initializes a new instance of the ScriptCompilationService class.</summary>
    /// <param name="logger">Logger instance.</param>
    public ScriptCompilationService(ILogger<ScriptCompilationService> logger)
    {
        _logger = logger;
    }

    /// <summary>
    /// SiteRuntime-011: validates that the script does not reference forbidden APIs.
    ///
    /// As of the M3.1 script-analysis consolidation this delegates to the shared
    /// authoritative <see cref="ScriptTrustValidator.FindViolations(string, System.Collections.Generic.IEnumerable{MetadataReference})"/>,
    /// which is the same Roslyn semantic-symbol analysis this service previously hosted
    /// plus reflection-gateway / <c>dynamic</c> / <c>Activator</c> hardening ported from
    /// the InboundAPI checker. The shared validator is the single source of truth for the
    /// forbidden-API deny-list; SiteRuntime retains only the real execution-path compile
    /// in <see cref="CompileCore"/>.
    ///
    /// Returns a list of violation messages, empty if clean.
    /// </summary>
    /// <param name="code">The script code to validate.</param>
    /// <returns>A list of trust-model violation messages; empty if the script is clean.</returns>
    public IReadOnlyList<string> ValidateTrustModel(string code)
        => ScriptTrustValidator.FindViolations(code);

    /// <summary>
    /// Assemblies referenced by compiled scripts, used to build the Roslyn scripting
    /// options for the real execution-path compile.
    /// </summary>
    private static readonly System.Reflection.Assembly[] ScriptAssemblies =
    [
        typeof(object).Assembly,
        typeof(Enumerable).Assembly,
        typeof(Math).Assembly,
        typeof(Microsoft.CSharp.RuntimeBinder.CSharpArgumentInfo).Assembly,
        typeof(Commons.Types.DynamicJsonElement).Assembly
    ];

    /// <summary>
    /// Shared Roslyn scripting options (references + imports) used by both full
    /// script compilation and trigger-expression compilation.
    /// </summary>
    private static ScriptOptions BuildScriptOptions() => ScriptOptions.Default
        .WithReferences(ScriptAssemblies)
        .WithImports(
            "System",
            "System.Collections.Generic",
            "System.Linq",
            "System.Threading.Tasks");

    /// <summary>
    /// Compiles a script into a reusable delegate that takes a ScriptRuntimeContext
    /// and parameters dictionary, and returns an object? result.
    /// </summary>
    /// <param name="scriptName">The name of the script.</param>
    /// <param name="code">The script code to compile.</param>
    /// <returns>A <see cref="ScriptCompilationResult"/> containing the compiled script on success, or error messages on failure.</returns>
    public ScriptCompilationResult Compile(string scriptName, string code)
        => CompileCore(scriptName, code, typeof(ScriptGlobals));

    /// <summary>
    /// Compiles a bare C# boolean trigger expression against the restricted
    /// read-only <see cref="TriggerExpressionGlobals"/>. The expression is a
    /// trailing expression (no <c>return</c>); Roslyn scripting yields its
    /// value, which the caller coerces to <c>bool</c>. Reuses the same script
    /// options and forbidden-API trust validation as <see cref="Compile"/>.
    /// </summary>
    /// <param name="name">The name of the trigger expression.</param>
    /// <param name="expression">The trigger expression to compile.</param>
    /// <returns>A <see cref="ScriptCompilationResult"/> containing the compiled expression on success, or error messages on failure.</returns>
    public ScriptCompilationResult CompileTriggerExpression(string name, string expression)
        => CompileCore(name, expression, typeof(TriggerExpressionGlobals));

    /// <summary>
    /// Shared compilation path: validates the trust model, builds the script
    /// against the given globals type, and returns the compiled result.
    /// </summary>
    private ScriptCompilationResult CompileCore(string name, string code, Type globalsType)
    {
        // Validate trust model
        var violations = ValidateTrustModel(code);
        if (violations.Count > 0)
        {
            _logger.LogWarning(
                "Script {Script} failed trust validation: {Violations}",
                name, string.Join("; ", violations));
            return ScriptCompilationResult.Failed(violations);
        }

        try
        {
            var script = CSharpScript.Create<object?>(
                code,
                BuildScriptOptions(),
                globalsType: globalsType);

            var diagnostics = script.Compile();
            var errors = diagnostics
                .Where(d => d.Severity == DiagnosticSeverity.Error)
                .Select(d => d.GetMessage())
                .ToList();

            if (errors.Count > 0)
            {
                _logger.LogWarning(
                    "Script {Script} compilation failed: {Errors}",
                    name, string.Join("; ", errors));
                return ScriptCompilationResult.Failed(errors);
            }

            _logger.LogDebug("Script {Script} compiled successfully", name);
            return ScriptCompilationResult.Succeeded(script);
        }
        catch (Exception ex)
        {
            _logger.LogError(ex, "Unexpected error compiling script {Script}", name);
            return ScriptCompilationResult.Failed([$"Compilation exception: {ex.Message}"]);
        }
    }
}

/// <summary>
/// Result of script compilation, containing either the compiled script or error messages.
/// </summary>
public class ScriptCompilationResult
{
    /// <summary>Indicates whether compilation succeeded.</summary>
    public bool IsSuccess { get; }
    /// <summary>The compiled script, or null if compilation failed.</summary>
    public Script<object?>? CompiledScript { get; }
    /// <summary>List of error messages, empty if compilation succeeded.</summary>
    public IReadOnlyList<string> Errors { get; }

    private ScriptCompilationResult(bool success, Script<object?>? script, IReadOnlyList<string> errors)
    {
        IsSuccess = success;
        CompiledScript = script;
        Errors = errors;
    }

    /// <summary>Creates a successful compilation result.</summary>
    /// <param name="script">The compiled script.</param>
    /// <returns>A <see cref="ScriptCompilationResult"/> with <see cref="IsSuccess"/> set to <c>true</c> and the compiled script attached.</returns>
    public static ScriptCompilationResult Succeeded(Script<object?> script) =>
        new(true, script, []);

    /// <summary>Creates a failed compilation result.</summary>
    /// <param name="errors">List of error messages.</param>
    /// <returns>A <see cref="ScriptCompilationResult"/> with <see cref="IsSuccess"/> set to <c>false</c> and the provided error messages.</returns>
    public static ScriptCompilationResult Failed(IReadOnlyList<string> errors) =>
        new(false, null, errors);
}

/// <summary>
/// Global variables available to compiled scripts. The ScriptRuntimeContext is injected
/// as the "Instance" global, and parameters are available via "Parameters".
/// </summary>
public class ScriptGlobals
{
    /// <summary>The script runtime context providing access to instance state.</summary>
    public ScriptRuntimeContext Instance { get; set; } = null!;
    /// <summary>Script parameters passed by the caller.</summary>
    public ScriptParameters Parameters { get; set; } = new ScriptParameters();
    /// <summary>Cancellation token for script execution.</summary>
    public CancellationToken CancellationToken { get; set; }

    /// <summary>
    /// Alarm context when this script is invoked as an on-trigger handler.
    /// Null for instance scripts, shared scripts, and inbound-API-routed
    /// scripts. Lets on-trigger scripts read the firing alarm's Name, Level
    /// (HiLo only), Priority, and per-band Message to branch routing logic.
    /// </summary>
    public Commons.Types.Scripts.AlarmContext? Alarm { get; set; }

    /// <summary>
    /// Where this script sits in the composition tree. Defaults to root for
    /// scripts on top-level templates; a flattened composed script gets
    /// SelfPath = "TempSensor" (etc.) and a ParentPath set to one level up.
    /// </summary>
    public Commons.Types.Scripts.ScriptScope Scope { get; set; } =
        Commons.Types.Scripts.ScriptScope.Root;

    /// <summary>
    /// Top-level ExternalSystem access for scripts (delegates to Instance.ExternalSystem).
    /// Usage: ExternalSystem.Call("systemName", "methodName", params)
    /// </summary>
    public ScriptRuntimeContext.ExternalSystemHelper ExternalSystem => Instance.ExternalSystem;

    /// <summary>
    /// Top-level Database access for scripts (delegates to Instance.Database).
    /// Usage: Database.Connection("name") or Database.CachedWrite("name", "sql", params)
    /// </summary>
    public ScriptRuntimeContext.DatabaseHelper Database => Instance.Database;

    /// <summary>
    /// Top-level Notify access for scripts (delegates to Instance.Notify).
    /// Usage: Notify.To("listName").Send("subject", "message")
    /// </summary>
    public ScriptRuntimeContext.NotifyHelper Notify => Instance.Notify;

    /// <summary>
    /// Top-level Scripts access for shared script calls (delegates to Instance.Scripts).
    /// Usage: Scripts.CallShared("scriptName", params)
    /// </summary>
    public ScriptRuntimeContext.ScriptCallHelper Scripts => Instance.Scripts;

    /// <summary>
    /// Read/write the current template's attributes by name. Resolves to the
    /// canonical name for the script's scope, so a script on a composed
    /// TempSensor reads its own Temperature via <c>Attributes["Temperature"]</c>.
    /// </summary>
    public AttributeAccessor Attributes => new(Instance, Scope.SelfPath);

    /// <summary>
    /// Indexed access to child compositions.
    /// <c>Children["TempSensor"].Attributes["Temperature"]</c> reads the
    /// composed child's attribute. <c>Children["TempSensor"].CallScript("Sample")</c>
    /// invokes a script on the child.
    /// </summary>
    public ChildrenAccessor Children => new(Instance, Scope.SelfPath);

    /// <summary>
    /// Parent composition (null when this script is on a root-level template).
    /// <c>Parent.Attributes["SpeedRPM"]</c> reaches the parent's attribute;
    /// <c>Parent.CallScript("Trip")</c> invokes a parent script.
    /// </summary>
    public CompositionAccessor? Parent =>
        Scope.ParentPath == null ? null : new CompositionAccessor(Instance, Scope.ParentPath);
}