# =============================================================
# File: backend/mcp_servers/admin_server.py
# =============================================================

from fastapi import FastAPI
from fastapi.middleware.cors import CORSMiddleware
import logging
import sys
import os

# Fix Python module paths
current_dir = os.path.dirname(__file__)
sys.path.insert(0, current_dir)

from models.admin import EvalRequest, AlertPayload


admin_app = FastAPI(title="Admin MCP Server")

# Enable CORS
admin_app.add_middleware(
    CORSMiddleware,
    allow_origins=["*"],
    allow_credentials=True,
    allow_methods=["*"],
    allow_headers=["*"],
)

log = logging.getLogger("admin_mcp")
logging.basicConfig(level=logging.INFO)


@admin_app.post("/eval")
async def eval_query(req: EvalRequest):
    danger = ["delete all data", "export users", "password", "token"]
    q = req.query.lower()
    for d in danger:
        if d in q:
            return {"action": "block", "reason": d}
    return {"action": "allow"}


@admin_app.post("/alert")
async def alert(payload: AlertPayload):
    log.warning(f"Alert received for tenant {payload.tenant_id}: {payload.violations}")
    return {"status": "ok"}


if __name__ == "__main__":
    import uvicorn
    uvicorn.run(admin_app, host="0.0.0.0", port=8003)