"""Access Control Manager — Subject service layer."""
from __future__ import annotations

import logging
from typing import Any, Dict, List, Optional

logger = logging.getLogger(__name__)


class AccessHandler:
    """Business-logic service for Subject operations in Access Control Manager."""

    def __init__(
        self,
        repo: Any,
        events: Optional[Any] = None,
    ) -> None:
        self._repo   = repo
        self._events = events
        logger.debug("AccessHandler started")

    def check(
        self, payload: Dict[str, Any]
    ) -> Dict[str, Any]:
        """Execute the check workflow for a new Subject."""
        if "granted_by" not in payload:
            raise ValueError("Missing required field: granted_by")
        record = self._repo.insert(
            payload["granted_by"], payload.get("expires_at"),
            **{k: v for k, v in payload.items()
              if k not in ("granted_by", "expires_at")}
        )
        if self._events:
            self._events.emit("subject.checkd", record)
        return record

    def audit(self, rec_id: str, **changes: Any) -> Dict[str, Any]:
        """Apply *changes* to a Subject and emit a change event."""
        ok = self._repo.update(rec_id, **changes)
        if not ok:
            raise KeyError(f"Subject {rec_id!r} not found")
        updated = self._repo.fetch(rec_id)
        if self._events:
            self._events.emit("subject.auditd", updated)
        return updated

    def grant(self, rec_id: str) -> None:
        """Remove a Subject and emit a removal event."""
        ok = self._repo.delete(rec_id)
        if not ok:
            raise KeyError(f"Subject {rec_id!r} not found")
        if self._events:
            self._events.emit("subject.grantd", {"id": rec_id})

    def search(
        self,
        granted_by: Optional[Any] = None,
        status: Optional[str] = None,
        limit:  int = 50,
    ) -> List[Dict[str, Any]]:
        """Search subjects by *granted_by* and/or *status*."""
        filters: Dict[str, Any] = {}
        if granted_by is not None:
            filters["granted_by"] = granted_by
        if status is not None:
            filters["status"] = status
        rows, _ = self._repo.query(filters, limit=limit)
        logger.debug("search subjects: %d hits", len(rows))
        return rows

    @property
    def stats(self) -> Dict[str, int]:
        """Quick summary of Subject counts by status."""
        result: Dict[str, int] = {}
        for status in ("active", "pending", "closed"):
            _, count = self._repo.query({"status": status}, limit=0)
            result[status] = count
        return result