{% extends "xeolux_securitykit/base.html" %}
{% block title %}Routes protégées{% endblock %}

{% block content %}
<div class="page-header">
  <div style="display:flex; justify-content:space-between; align-items:flex-start; flex-wrap:wrap; gap:12px;">
    <div>
      <h1>Routes protégées</h1>
      <p>Règles de sécurité appliquées par chemin URL.</p>
    </div>
    <a href="{% url 'xeolux_securitykit:route_add' %}" class="btn btn-primary">+ Ajouter une route</a>
  </div>
</div>

{% for route in routes %}
<div class="card" style="border-left:3px solid {% if not route.enabled %}var(--label-4){% else %}var(--blue){% endif %}; opacity:{% if not route.enabled %}0.6{% else %}1{% endif %};">
  <div style="display:flex; justify-content:space-between; align-items:flex-start; flex-wrap:wrap; gap:10px; margin-bottom:14px;">
    <div style="display:flex; align-items:center; gap:10px; flex-wrap:wrap;">
      <code style="font-size:14px; color:var(--blue); font-weight:600;">{{ route.path }}</code>
      <span class="badge badge-neutral" style="font-size:10px; text-transform:uppercase;">{{ route.match_type }}</span>
      {% if not route.enabled %}<span class="badge badge-neutral">Inactif</span>{% endif %}
      {% if route.description %}<span style="font-size:12px; color:var(--label-3);">{{ route.description }}</span>{% endif %}
    </div>
    <div style="display:flex; gap:8px; flex-shrink:0;">
      <a href="{% url 'xeolux_securitykit:rule_add' route.pk %}" class="btn btn-sm btn-outline">+ Règle</a>
      <a href="{% url 'xeolux_securitykit:route_edit' route.pk %}" class="btn btn-sm btn-ghost">Modifier</a>
      <form method="post" action="{% url 'xeolux_securitykit:route_delete' route.pk %}" style="display:inline">
        {% csrf_token %}
        <button type="submit" class="btn btn-sm btn-outline" style="color:var(--red);" onclick="return confirm('Supprimer cette route et toutes ses règles ?')">Supprimer</button>
      </form>
    </div>
  </div>

  {% if route.rules.all %}
  <div class="table-wrap">
    <table>
      <thead><tr><th>Action</th><th>Si…</th><th>Priorité</th><th>Statut</th><th style="width:100px;"></th></tr></thead>
      <tbody>
        {% for rule in route.rules.all %}
        <tr>
          <td>
            <span class="badge {% if rule.action == 'fake_404' or rule.action == 'block' %}badge-danger{% elif rule.action == 'allow' %}badge-ok{% else %}badge-warn{% endif %}">
              {% if rule.action == 'fake_404' %}Fake 404
              {% elif rule.action == 'block' %}Bloquer (403)
              {% elif rule.action == 'allow' %}Autoriser
              {% elif rule.action == 'redirect' %}Rediriger
              {% elif rule.action == 'slow_down' %}Ralentir
              {% else %}{{ rule.action }}{% endif %}
            </span>
          </td>
          <td>
            {% with c=rule.conditions %}
            {% if not c %}
              <span style="font-size:12px; color:var(--label-3);">Toujours</span>
            {% else %}
              <div style="display:flex; flex-wrap:wrap; gap:5px;">
                {% if c.require_authenticated %}<span class="badge badge-info" style="font-size:10px;">Connecté requis</span>{% endif %}
                {% if c.require_staff %}<span class="badge badge-info" style="font-size:10px;">Staff requis</span>{% endif %}
                {% if c.require_whitelist_ip %}<span class="badge badge-info" style="font-size:10px;">IP whitelist</span>{% endif %}
                {% if c.deny_blacklist_ip %}<span class="badge badge-warn" style="font-size:10px;">Bloque blacklist</span>{% endif %}
                {% if c.require_api_key %}<span class="badge badge-info" style="font-size:10px;">Clé API</span>{% endif %}
                {% if c.allowed_methods %}<span class="badge badge-neutral" style="font-size:10px;">{{ c.allowed_methods|join:", " }}</span>{% endif %}
                {% if c.deny_user_agent_pattern %}<span class="badge badge-warn" style="font-size:10px;">UA: {{ c.deny_user_agent_pattern|truncatechars:20 }}</span>{% endif %}
              </div>
            {% endif %}
            {% endwith %}
          </td>
          <td style="color:var(--label-3); font-size:12px;">{{ rule.priority }}</td>
          <td>{% if rule.enabled %}<span class="badge badge-ok">Actif</span>{% else %}<span class="badge badge-neutral">Inactif</span>{% endif %}</td>
          <td>
            <div style="display:flex; gap:4px;">
              <a href="{% url 'xeolux_securitykit:rule_edit' rule.pk %}" class="btn btn-sm btn-ghost" style="font-size:11px;">Modifier</a>
              <form method="post" action="{% url 'xeolux_securitykit:rule_delete' rule.pk %}" style="display:inline">
                {% csrf_token %}
                <button type="submit" class="btn btn-sm btn-outline" style="color:var(--red); border-color:transparent;" onclick="return confirm('Supprimer cette règle ?')">
                  <svg width="12" height="12" viewBox="0 0 12 12" fill="none"><path d="M2 2L10 10M10 2L2 10" stroke="currentColor" stroke-width="1.4" stroke-linecap="round"/></svg>
                </button>
              </form>
            </div>
          </td>
        </tr>
        {% endfor %}
      </tbody>
    </table>
  </div>
  {% else %}
  <p style="font-size:12px; color:var(--label-3);">Aucune règle — <a href="{% url 'xeolux_securitykit:rule_add' route.pk %}">Ajouter une règle</a></p>
  {% endif %}
</div>
{% empty %}
<div class="card">
  <div class="empty-state">
    <div class="empty-icon">
      <svg width="40" height="40" viewBox="0 0 40 40" fill="none"><path d="M8 20H32M32 20L24 12M32 20L24 28" stroke="var(--label-3)" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/></svg>
    </div>
    <p>Aucune route protégée.</p>
    <a href="{% url 'xeolux_securitykit:route_add' %}" class="btn btn-primary" style="margin-top:14px;">Ajouter la première route</a>
  </div>
</div>
{% endfor %}
{% endblock %}