package server

import (
	"encoding/json"
	"net/http"
	"strconv"
)

// GET /api/v1/admin/audit?tenant=3&limit=50&offset=0
func (s *Server) HandleAdminAudit(w http.ResponseWriter, r *http.Request) {
	if r.Method != http.MethodGet {
		http.Error(w, "method not allowed", http.StatusMethodNotAllowed)
		return
	}
	limit := 50
	offset := 0
	if v := r.URL.Query().Get("limit"); v != "" {
		if i, err := strconv.Atoi(v); err == nil && i > 0 && i <= 500 {
			limit = i
		}
	}
	if v := r.URL.Query().Get("offset"); v != "" {
		if i, err := strconv.Atoi(v); err == nil && i >= 0 {
			offset = i
		}
	}
	tenantID := int64(0)
	if v := r.URL.Query().Get("tenant"); v != "" {
		if i, err := strconv.ParseInt(v, 10, 64); err == nil {
			tenantID = i
		}
	}
	logs, err := s.store.ListAuditLogs(tenantID, limit, offset)
	if err != nil {
		http.Error(w, err.Error(), http.StatusInternalServerError)
		return
	}
	w.Header().Set("Content-Type", "application/json")
	_ = json.NewEncoder(w).Encode(map[string]any{"error": 0, "logs": logs})
}