import {
  index,
  jsonb,
  pgTable,
  timestamp,
  uuid,
  varchar,
} from "drizzle-orm/pg-core";
import { users } from "./users";

/**
 * Schema for the `audit_logs` table: one row per audited action, recording
 * the acting user, the action name, the affected entity and request metadata.
 *
 * Review notes:
 * - Nothing in this schema prevents UPDATE or DELETE on existing rows. If the
 *   log is relied on as tamper-evident evidence, that has to be enforced
 *   elsewhere (database grants, triggers) — NOTE(review): confirm.
 * - `details`, `ipHash` and `userAgent` can carry personal data, so retention
 *   and access control for this table matter as much as for `users`.
 */
export const auditLogs = pgTable(
  "audit_logs",
  {
    // Random UUID generated by the database as the primary key.
    id: uuid("id").primaryKey().defaultRandom(),
    // The user who performed the action. Nullable: when the referenced user
    // row is deleted the FK sets this to NULL, so the audit row survives but
    // no longer identifies its actor.
    userId: uuid("user_id").references(() => users.uuid, {
      onDelete: "set null",
    }),
    // Action name, e.g. 'PII_ACCESS', 'USER_DELETE', 'ROLE_CHANGE'.
    // Free-form string up to 64 chars; the schema does not restrict the values.
    action: varchar("action", { length: 64 }).notNull(),
    // Kind of entity acted on, e.g. 'users', 'contents'.
    entityType: varchar("entity_type", { length: 64 }).notNull(),
    // ID of the affected entity. Nullable, and no foreign key is declared,
    // so the value can outlive the row it points to.
    entityId: uuid("entity_id"),

    // Details of the action, kept for compliance purposes.
    // Additional data (e.g. which columns changed).
    // NOTE(review): unstructured JSON; writers should record field names
    // rather than the values read or changed, otherwise this column becomes
    // a second copy of the PII being audited — confirm at the call sites.
    details: jsonb("details"),
    // IP address of the actor, stored hashed for GDPR.
    // NOTE(review): 64 chars presumably holds a hex SHA-256 digest. A plain
    // unsalted hash of an IP address offers little protection because the
    // address space is small enough to enumerate; confirm the writer uses a
    // keyed hash (e.g. HMAC with a server-side secret).
    ipHash: varchar("ip_hash", { length: 64 }),
    // User-Agent string, max 255 chars.
    // NOTE(review): presumably client-supplied. PostgreSQL rejects values
    // longer than the declared length instead of truncating, so the writer
    // needs to truncate first or an oversized header will fail the audit
    // insert — confirm.
    userAgent: varchar("user_agent", { length: 255 }),

    // Creation time with time zone; defaults to the database's now() when the
    // insert does not supply a value.
    createdAt: timestamp("created_at", { withTimezone: true })
      .notNull()
      .defaultNow(),
  },
  (table) => ({
    // Look up all actions performed by a given user.
    userIdIdx: index("audit_logs_user_id_idx").on(table.userId),
    // Filter by action name.
    actionIdx: index("audit_logs_action_idx").on(table.action),
    // Composite index: history of one entity (type first, then id).
    entityIdx: index("audit_logs_entity_idx").on(
      table.entityType,
      table.entityId,
    ),
    // Time-range queries.
    createdAtIdx: index("audit_logs_created_at_idx").on(table.createdAt),
  }),
);

// Row shape as returned by a SELECT on `audit_logs`.
export type AuditLogInDb = typeof auditLogs.$inferSelect;
// Row shape accepted by an INSERT into `audit_logs`.
export type NewAuditLogInDb = typeof auditLogs.$inferInsert;