<?php
// Admin/v2/quality/blacklist_manager.php
require_once __DIR__ . '/../../../connect.php';
// require_once __DIR__ . '/../../../encrypt_decrypt.php';
require_once __DIR__ . '/../security/audit_logs_helper.php'; // إذا كان متاحاً، وإلا سننفذ الإدخال مباشرة

if ($role !== 'admin' && $role !== 'super_admin') {
    jsonError("Unauthorized", 403);
}

$action_type = filterRequest('action_type') ?: 'get_all';

try {
    if ($action_type === 'get_all') {
        // جلب قائمة السائقين المحظورين
        $stmt_drivers = $con->prepare("
            SELECT id, driver_id, phone, reason, created_at, 'driver' as type
            FROM blacklist_driver
            ORDER BY created_at DESC
        ");
        $stmt_drivers->execute();
        $blocked_drivers = $stmt_drivers->fetchAll(PDO::FETCH_ASSOC);

        // جلب قائمة الركاب المحظورين
        $stmt_passengers = $con->prepare("
            SELECT id, phone, phone_normalized, reason, expires_at, created_at, 'passenger' as type
            FROM passenger_blacklist
            ORDER BY created_at DESC
        ");
        $stmt_passengers->execute();
        $blocked_passengers = $stmt_passengers->fetchAll(PDO::FETCH_ASSOC);

        // فك التشفير عن الأرقام إذا كانت مشفرة
        foreach ($blocked_drivers as &$bd) {
            $decrypted_phone = $encryptionHelper->decryptData($bd['phone']);
            if ($decrypted_phone) $bd['phone'] = $decrypted_phone;
        }

        foreach ($blocked_passengers as &$bp) {
            $decrypted_phone = $encryptionHelper->decryptData($bp['phone']);
            if ($decrypted_phone) $bp['phone'] = $decrypted_phone;
        }

        jsonSuccess([
            'drivers' => $blocked_drivers,
            'passengers' => $blocked_passengers
        ]);
        exit;
    }

    if ($action_type === 'unblock_driver') {
        $phone = filterRequest('phone');
        if (!$phone) jsonError("Phone is required");

        $enc_phone = $encryptionHelper->encryptData($phone);

        $stmt = $con->prepare("DELETE FROM blacklist_driver WHERE phone = ? OR phone = ?");
        $stmt->execute([$phone, $enc_phone]);

        if ($stmt->rowCount() > 0) {
            // تسجيل في الـ Audit Log
            $log_stmt = $con->prepare("INSERT INTO admin_audit_log (admin_id, admin_phone, action, table_name, entity_type, details) VALUES (?, ?, ?, ?, ?, ?)");
            $log_stmt->execute([
                $user_id, 'Admin', 'unblock_driver', 'blacklist_driver', 'driver', 
                json_encode(['phone' => $phone, 'action' => 'Unblocked driver'])
            ]);

            jsonSuccess(null, "Driver unblocked successfully");
        } else {
            jsonError("Driver not found in blacklist");
        }
        exit;
    }

    if ($action_type === 'unblock_passenger') {
        $phone_normalized = filterRequest('phone_normalized');
        if (!$phone_normalized) jsonError("Normalized Phone is required");

        $stmt = $con->prepare("DELETE FROM passenger_blacklist WHERE phone_normalized = ?");
        $stmt->execute([$phone_normalized]);

        if ($stmt->rowCount() > 0) {
            // تسجيل في الـ Audit Log
            $log_stmt = $con->prepare("INSERT INTO admin_audit_log (admin_id, admin_phone, action, table_name, entity_type, details) VALUES (?, ?, ?, ?, ?, ?)");
            $log_stmt->execute([
                $user_id, 'Admin', 'unblock_passenger', 'passenger_blacklist', 'passenger', 
                json_encode(['phone_normalized' => $phone_normalized, 'action' => 'Unblocked passenger'])
            ]);

            jsonSuccess(null, "Passenger unblocked successfully");
        } else {
            jsonError("Passenger not found in blacklist");
        }
        exit;
    }

    jsonError("Invalid action_type", 400);

} catch (Exception $e) {
    jsonError("Blacklist action failed: " . $e->getMessage(), 500);
}
?>