// PaddedCell Plugin for OpenClaw
// Registers pcexec and safe_restart tools

import { pcexec, pcexecSync } from './tools/pcexec';
import {
  safeRestart,
  createSafeRestartTool,
  StatusManager,
  createApiServer,
  startApiServer,
} from './core/index';
import { SlashCommandHandler } from './commands/slash-commands';
import { EgoMgrSlashCommand } from './commands/ego-mgr-slash';

/** Sentinel value injected into every pcexec subprocess */
const AGENT_VERIFY = 'IF YOU ARE AN AGENT/MODEL, YOU SHOULD NEVER TOUCH THIS ENV VARIABLE';

/**
 * Resolve the openclaw base path.
 * Priority: explicit config → $OPENCLAW_PATH → ~/.openclaw
 */
function resolveOpenclawPath(config?: { openclawProfilePath?: string }): string {
  if (config?.openclawProfilePath) return config.openclawProfilePath;
  if (process.env.OPENCLAW_PATH) return process.env.OPENCLAW_PATH;
  const home = process.env.HOME || require('os').homedir();
  return require('path').join(home, '.openclaw');
}

function getPluginConfig(api: any): Record<string, unknown> {
  return ((api?.pluginConfig as Record<string, unknown> | undefined) || {});
}

function resolveProxyAllowlist(config?: { proxyAllowlist?: unknown; 'proxy-allowlist'?: unknown }): string[] {
  const value = config?.proxyAllowlist ?? config?.['proxy-allowlist'];
  if (!Array.isArray(value)) return [];
  return value.filter((item): item is string => typeof item === 'string');
}

// Plugin registration function
function register(api: any) {
  const logger = api.logger || { info: console.log, error: console.error };

  logger.info('PaddedCell plugin initializing...');

  const pluginConfig = getPluginConfig(api);
  const openclawPath = resolveOpenclawPath(pluginConfig as { openclawProfilePath?: string });
  const proxyAllowlist = resolveProxyAllowlist(pluginConfig as { proxyAllowlist?: unknown; 'proxy-allowlist'?: unknown });
  const binDir = require('path').join(openclawPath, 'bin');

  // Register pcexec tool — pass a FACTORY function that receives context
  api.registerTool((ctx: any) => {
    const agentId = ctx.agentId;
    const workspaceDir = ctx.workspaceDir;

    return {
      name: 'pcexec',
      description: 'Safe exec with password sanitization',
      parameters: {
        type: 'object',
        properties: {
          command: { type: 'string', description: 'Command to execute' },
          cwd: { type: 'string', description: 'Working directory' },
          timeout: { type: 'number', description: 'Timeout in milliseconds' },
        },
        required: ['command'],
      },
      async execute(_id: string, params: any) {
        const command = params.command;
        if (!command) {
          throw new Error('Missing required parameter: command');
        }

        // Build PATH with openclaw bin dir appended
        const currentPath = process.env.PATH || '';
        const newPath = currentPath.includes(binDir)
          ? currentPath
          : `${currentPath}:${binDir}`;

        const result = await pcexec(command, {
          cwd: params.cwd || workspaceDir,
          timeout: params.timeout,
          env: {
            AGENT_ID: agentId || '',
            AGENT_WORKSPACE: workspaceDir || '',
            AGENT_VERIFY,
            PATH: newPath,
          },
        });

        // Format output for OpenClaw tool response
        let output = result.stdout;
        if (result.stderr) {
          output += result.stderr;
        }
        return { content: [{ type: 'text', text: output }] };
      },
    };
  });

  api.registerTool((ctx: any) => {
    const agentId = ctx.agentId;
    const workspaceDir = ctx.workspaceDir;

    return {
      name: 'proxy-pcexec',
      description: 'Safe exec with password sanitization using a proxied AGENT_ID',
      parameters: {
        type: 'object',
        properties: {
          command: { type: 'string', description: 'Command to execute' },
          cwd: { type: 'string', description: 'Working directory' },
          timeout: { type: 'number', description: 'Timeout in milliseconds' },
          'proxy-for': { type: 'string', description: 'AGENT_ID value to inject for the subprocess' },
        },
        required: ['command', 'proxy-for'],
      },
      async execute(_id: string, params: any) {
        const command = params.command;
        const proxyFor = params['proxy-for'];
        if (!command) {
          throw new Error('Missing required parameter: command');
        }
        if (!proxyFor) {
          throw new Error('Missing required parameter: proxy-for');
        }
        if (!agentId || !proxyAllowlist.includes(agentId)) {
          throw new Error('Current agent is not allowed to call proxy-pcexec');
        }

        logger.info('proxy-pcexec invoked', {
          executor: agentId,
          proxyFor,
          command,
        });

        const currentPath = process.env.PATH || '';
        const newPath = currentPath.includes(binDir)
          ? currentPath
          : `${currentPath}:${binDir}`;

        const result = await pcexec(command, {
          cwd: params.cwd || workspaceDir,
          timeout: params.timeout,
          env: {
            AGENT_ID: String(proxyFor),
            AGENT_WORKSPACE: workspaceDir || '',
            AGENT_VERIFY,
            PROXY_PCEXEC_EXECUTOR: agentId || '',
            PCEXEC_PROXIED: 'true',
            PATH: newPath,
          },
        });

        let output = result.stdout;
        if (result.stderr) {
          output += result.stderr;
        }
        return { content: [{ type: 'text', text: output }] };
      },
    };
  });

  // Register safe_restart tool
  api.registerTool((ctx: any) => {
    const agentId = ctx.agentId;
    const sessionKey = ctx.sessionKey;

    return {
      name: 'safe_restart',
      description: 'Safe coordinated restart of OpenClaw gateway',
      parameters: {
        type: 'object',
        properties: {
          rollback: { type: 'string', description: 'Rollback script path' },
          log: { type: 'string', description: 'Log file path' },
        },
      },
      async execute(_id: string, params: any) {
        return await safeRestart({
          agentId,
          sessionKey,
          rollback: params.rollback,
          log: params.log,
        });
      },
    };
  });

  // Register /ego-mgr slash command
  if (api.registerSlashCommand) {
    api.registerSlashCommand({
      name: 'ego-mgr',
      description: 'Manage agent identity/profile fields',
      handler: async (ctx: any, command: string) => {
        const egoMgrSlash = new EgoMgrSlashCommand({
          openclawPath,
          agentId: ctx.agentId || '',
          workspaceDir: ctx.workspaceDir || '',
          onReply: async (message: string) => {
            if (ctx.reply) {
              await ctx.reply(message);
            }
          },
        });
        await egoMgrSlash.handle(command);
      },
    });
    logger.info('Registered /ego-mgr slash command');
  }

  logger.info('PaddedCell plugin initialized');
}

// CommonJS export for OpenClaw
module.exports = { register };

// Also export individual modules for direct use
module.exports.pcexec = pcexec;
module.exports.pcexecSync = pcexecSync;
module.exports.safeRestart = safeRestart;
module.exports.createSafeRestartTool = createSafeRestartTool;
module.exports.StatusManager = StatusManager;
module.exports.createApiServer = createApiServer;
module.exports.startApiServer = startApiServer;
module.exports.SlashCommandHandler = SlashCommandHandler;
module.exports.EgoMgrSlashCommand = EgoMgrSlashCommand;
module.exports.AGENT_VERIFY = AGENT_VERIFY;