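#pragma once

/*
 * Rule/pattern definitions shared by the pattern table, the rule loader
 * and the evaluator.
 *
 * The include names were lost when this file was flattened; they are
 * restored here from the types the declarations below actually use
 * (bool, size_t, uint8_t).
 */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/*
 * Fixed capacities. Every array below is sized by one of these, so any
 * writer that appends into such an array must compare the paired count
 * against the limit before storing; the limits are the only bound.
 */
#define MAX_RULE_CONDITIONS 16
#define MAX_RULES 128
#define MAX_PATTERNS 512
#define MAX_MATCH_OFFSETS 64
#define PATTERN_TABLE_SIZE 1024

/**
 * A byte pattern plus the offsets at which it was most recently matched.
 *
 * - id:            name the rule conditions refer to (see rule_condition_t).
 * - bytes, len:    the pattern payload. Ownership is not visible in this
 *                  header; presumably released by pattern_table_free() —
 *                  confirm against the implementation.
 * - match_offsets: offsets recorded by a scan; match_count must never
 *                  exceed MAX_MATCH_OFFSETS. Reset by
 *                  pattern_table_clear_matches().
 */
typedef struct {
    const char *id;
    uint8_t *bytes;
    size_t len;
    size_t match_offsets[MAX_MATCH_OFFSETS];
    size_t match_count;
} pattern_t;

/**
 * Hash-chain node of the id -> pattern index in pattern_table_t.
 * `entry` points into pattern_table_t.patterns; `next` links collisions
 * within one bucket.
 */
typedef struct pattern_bucket {
    const char *id;
    pattern_t *entry;
    struct pattern_bucket *next;
} pattern_bucket_t;

/**
 * Fixed-capacity pattern store with a chained hash index over pattern ids.
 * `count` is the number of valid entries in `patterns` (<= MAX_PATTERNS).
 */
typedef struct {
    pattern_t patterns[MAX_PATTERNS];
    size_t count;
    pattern_bucket_t *buckets[PATTERN_TABLE_SIZE];
} pattern_table_t;

/** What a matching rule asks the caller to do. Order is part of the ABI. */
typedef enum {
    RULE_BLOCK,
    RULE_ALLOW,
    RULE_QUARANTINE,
    RULE_INFORMATIONAL
} rule_action_t;

/** How a single condition combines into its rule's verdict. */
typedef enum {
    COND_TYPE_REQUIRED, /* and */
    COND_TYPE_OPTIONAL, /* or  */
    COND_TYPE_NEGATED   /* not */
} condition_type_t;

/**
 * One condition of a rule: the referenced pattern must (or, for
 * COND_TYPE_NEGATED, must not) have matched; when `has_offset` is set the
 * match is presumably additionally required at `offset` — confirm in
 * evaluate_rule().
 */
typedef struct {
    const char *pattern_id;
    size_t offset;
    bool has_offset;
    condition_type_t type;
} rule_condition_t;

/**
 * A named rule: up to MAX_RULE_CONDITIONS conditions and the action taken
 * when they hold. `condition_count` is the number of valid entries.
 */
typedef struct {
    const char *id;
    rule_action_t action;
    rule_condition_t conditions[MAX_RULE_CONDITIONS];
    size_t condition_count;
} rule_t;

/**
 * A complete loaded rule set: the rules plus the pattern table they
 * reference. `rule_count` is the number of valid entries in `rules`.
 */
typedef struct {
    rule_t rules[MAX_RULES];
    size_t rule_count;
    pattern_table_t patterns;
} rule_set_t;

/** Look up a pattern by id; returns NULL when no entry has that id. */
pattern_t *pattern_table_find(pattern_table_t *table, const char *id);

/**
 * Add a pattern of `len` bytes under `id`. Returns an int status; the
 * exact convention (0 on success is the usual one) is not visible here —
 * confirm. Whether `bytes` is copied or merely referenced is likewise not
 * visible; callers must not free `bytes` until that is confirmed.
 */
int pattern_table_add(pattern_table_t *table, const char *id,
                      const uint8_t *bytes, size_t len);

/** Reset every pattern's match_count so a new scan starts clean. */
void pattern_table_clear_matches(pattern_table_t *table);

/** Release everything the table owns (bucket chains and, presumably, pattern bytes). */
void pattern_table_free(pattern_table_t *table);

/**
 * Parse the rules file at `path` into *out_ruleset. The file is external
 * input: the parser must bound rule_count, condition_count and the pattern
 * count by the MAX_* limits above and reject or truncate anything beyond
 * them. Returns an int status; confirm the convention in the implementation.
 */
int load_rules(const char *path, rule_set_t *out_ruleset);

/**
 * Map an action keyword to rule_action_t. Behaviour for an unrecognised
 * string is not visible here — confirm (a silent default would be a
 * policy error worth flagging).
 */
rule_action_t parse_action(const char *s);

/** True when `rule`'s conditions hold against the current match state of `patterns`. */
bool evaluate_rule(const rule_t *rule, pattern_table_t *patterns);

/** Print a human-readable dump of `r` (debug aid). */
void dump_rule(const rule_t *r);

/** Release everything `rules` owns, including its pattern table. */
void free_rules(rule_set_t *rules);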