package native

import (
	"errors"
)

// LOW-002: Common input validation constants and helpers for all native contracts.
// These ensure consistent validation and prevent DoS attacks via oversized inputs.

// Maximum string lengths for input validation.
const (
	// Identity-related limits
	MaxNameLength        = 256  // Names of laws, roles, etc.
	MaxDescriptionLength = 4096 // Detailed descriptions
	MaxReasonLength      = 1024 // Reasons for actions
	MaxPurposeLength     = 128  // Auth purposes

	// Identifiers
	MaxBucketLength = 64  // Bucket/category identifiers
	MaxTagLength    = 128 // Tags and labels
	MaxKeyLength    = 256 // Attribute keys

	// Content
	MaxAttributeValueLength = 4096  // Attribute values
	MaxEvidenceLength       = 32768 // Evidence/proof data

	// Query limits
	MaxQueryLimit   = 100 // Maximum items returned per query
	DefaultPageSize = 20  // Default page size for pagination
)

// Validation errors.
var (
	ErrInputTooLong      = errors.New("input exceeds maximum allowed length")
	ErrNameTooLong       = errors.New("name exceeds maximum length")
	ErrDescriptionTooLong = errors.New("description exceeds maximum length")
	ErrReasonTooLong     = errors.New("reason exceeds maximum length")
	ErrBucketTooLong     = errors.New("bucket identifier exceeds maximum length")
	ErrTagTooLong        = errors.New("tag exceeds maximum length")
	ErrKeyTooLong        = errors.New("key exceeds maximum length")
	ErrValueTooLong      = errors.New("value exceeds maximum length")
	ErrEvidenceTooLong   = errors.New("evidence exceeds maximum length")
	ErrInvalidPageSize   = errors.New("page size exceeds maximum")
)

// ValidateName checks if a name is within allowed length.
func ValidateName(name string) error {
	if len(name) > MaxNameLength {
		return ErrNameTooLong
	}
	return nil
}

// ValidateDescription checks if a description is within allowed length.
func ValidateDescription(desc string) error {
	if len(desc) > MaxDescriptionLength {
		return ErrDescriptionTooLong
	}
	return nil
}

// ValidateReason checks if a reason is within allowed length.
func ValidateReason(reason string) error {
	if len(reason) > MaxReasonLength {
		return ErrReasonTooLong
	}
	return nil
}

// ValidateBucket checks if a bucket identifier is within allowed length.
func ValidateBucket(bucket string) error {
	if len(bucket) > MaxBucketLength {
		return ErrBucketTooLong
	}
	return nil
}

// ValidateTag checks if a tag is within allowed length.
func ValidateTag(tag string) error {
	if len(tag) > MaxTagLength {
		return ErrTagTooLong
	}
	return nil
}

// ValidateKey checks if a key is within allowed length.
func ValidateKey(key string) error {
	if len(key) > MaxKeyLength {
		return ErrKeyTooLong
	}
	return nil
}

// ValidateValue checks if a value is within allowed length.
func ValidateValue(value string) error {
	if len(value) > MaxAttributeValueLength {
		return ErrValueTooLong
	}
	return nil
}

// ValidateEvidence checks if evidence data is within allowed length.
func ValidateEvidence(evidence []byte) error {
	if len(evidence) > MaxEvidenceLength {
		return ErrEvidenceTooLong
	}
	return nil
}

// ValidatePageSize ensures page size is within limits.
// Returns the validated page size (clamped to max if needed).
func ValidatePageSize(size int) int {
	if size <= 0 {
		return DefaultPageSize
	}
	if size > MaxQueryLimit {
		return MaxQueryLimit
	}
	return size
}

// ValidateOffset ensures offset is non-negative.
func ValidateOffset(offset int) int {
	if offset < 0 {
		return 0
	}
	return offset
}