Sanad/dashboard/routes/scripts.py

"""Script/prompt file management — CRUD for sanad_script.txt, sanad_rule.txt, etc."""

from __future__ import annotations

from datetime import datetime
from pathlib import Path

from fastapi import APIRouter, HTTPException
from pydantic import BaseModel

from Project.Sanad.config import SCRIPTS_DIR
from Project.Sanad.dashboard.routes._safe_io import (
    atomic_write_text, MAX_UPLOAD_BYTES,
)

router = APIRouter()

MAX_SCRIPT_BYTES = MAX_UPLOAD_BYTES


def _safe_path(name: str) -> Path:
    cleaned = name.strip()
    if not cleaned or "/" in cleaned or "\\" in cleaned or cleaned in {".", ".."}:
        raise HTTPException(400, "Invalid script name.")
    path = (SCRIPTS_DIR / cleaned).resolve()
    if not str(path).startswith(str(SCRIPTS_DIR.resolve())):
        raise HTTPException(400, "Path traversal denied.")
    return path


@router.get("/")
async def list_scripts():
    SCRIPTS_DIR.mkdir(parents=True, exist_ok=True)
    items = []
    for p in sorted(SCRIPTS_DIR.iterdir(), key=lambda x: x.name.lower()):
        if not p.is_file():
            continue
        st = p.stat()
        items.append({
            "name": p.name,
            "size_bytes": st.st_size,
            "modified_at": datetime.fromtimestamp(st.st_mtime).isoformat(timespec="seconds"),
        })
    return {"path": str(SCRIPTS_DIR), "files": items}


class ScriptLoad(BaseModel):
    name: str

@router.post("/load")
async def load_script(payload: ScriptLoad):
    path = _safe_path(payload.name)
    if not path.exists():
        raise HTTPException(404, f"Script not found: {payload.name}")
    content = path.read_text(encoding="utf-8-sig")
    st = path.stat()
    return {
        "name": path.name,
        "content": content,
        "size_bytes": st.st_size,
        "modified_at": datetime.fromtimestamp(st.st_mtime).isoformat(timespec="seconds"),
    }


class ScriptSave(BaseModel):
    name: str
    content: str

@router.post("/save")
async def save_script(payload: ScriptSave):
    if len(payload.content.encode("utf-8")) > MAX_SCRIPT_BYTES:
        raise HTTPException(413, f"Content too large (max {MAX_SCRIPT_BYTES} bytes).")
    path = _safe_path(payload.name)
    SCRIPTS_DIR.mkdir(parents=True, exist_ok=True)
    atomic_write_text(path, payload.content)
    return {"ok": True, "name": path.name, "size_bytes": path.stat().st_size}


class ScriptCreate(BaseModel):
    name: str
    content: str = ""

@router.post("/create")
async def create_script(payload: ScriptCreate):
    if len(payload.content.encode("utf-8")) > MAX_SCRIPT_BYTES:
        raise HTTPException(413, f"Content too large (max {MAX_SCRIPT_BYTES} bytes).")
    path = _safe_path(payload.name)
    if path.exists():
        raise HTTPException(409, f"File already exists: {payload.name}")
    SCRIPTS_DIR.mkdir(parents=True, exist_ok=True)
    atomic_write_text(path, payload.content)
    return {"ok": True, "name": path.name}


class ScriptRename(BaseModel):
    old_name: str
    new_name: str

@router.post("/rename")
async def rename_script(payload: ScriptRename):
    old = _safe_path(payload.old_name)
    new = _safe_path(payload.new_name)
    if not old.exists():
        raise HTTPException(404, f"Not found: {payload.old_name}")
    if new.exists():
        raise HTTPException(409, f"Already exists: {payload.new_name}")
    old.rename(new)
    return {"ok": True, "old_name": payload.old_name, "new_name": new.name}


class ScriptDelete(BaseModel):
    name: str

@router.post("/delete")
async def delete_script(payload: ScriptDelete):
    path = _safe_path(payload.name)
    if not path.exists():
        raise HTTPException(404, f"Not found: {payload.name}")
    path.unlink()
    return {"ok": True, "deleted": payload.name}