"""engine_v2/content_sanitizer.py — 3레이어 인젝션 방어."""

from __future__ import annotations

import re

# L1: 패턴 기반 정규식 Sanitizer
_INJECTION_PATTERNS: list[re.Pattern[str]] = [
    re.compile(r"(?i)ignore\s+(all\s+)?previous\s+instructions"),
    re.compile(r"(?i)you\s+are\s+now\s+(?:a|an)\s+"),
    re.compile(r"(?i)system\s*:\s*"),
    re.compile(r"(?i)<\s*/?\s*system\s*>"),
    re.compile(r"(?i)act\s+as\s+(?:a|an|if)\s+"),
    re.compile(r"(?i)forget\s+(everything|all|your)"),
    re.compile(r"(?i)new\s+instructions?\s*:"),
    re.compile(r"(?i)override\s+(your|the)\s+"),
]


def sanitize_l1(text: str) -> tuple[str, int]:
    """L1: 패턴 기반 정규식 필터링.

    Returns:
        (sanitized_text, flagged_count)
    """
    flagged = 0
    result = text
    for pattern in _INJECTION_PATTERNS:
        matches = pattern.findall(result)
        flagged += len(matches)
        result = pattern.sub("[REDACTED]", result)
    return result, flagged


def wrap_upstream(text: str) -> str:
    """L2: 구조적 격리 — <UPSTREAM_DATA> 태그로 감싸기."""
    escaped = _escape_envelope_tags(text)
    return f"<UPSTREAM_DATA>\n{escaped}\n</UPSTREAM_DATA>"


def _escape_envelope_tags(text: str) -> str:
    """L2 보조: 태그 이스케이프."""
    return text.replace("</UPSTREAM_DATA>", "&lt;/UPSTREAM_DATA&gt;")


def sanitize(text: str) -> tuple[str, int]:
    """전체 Sanitize 파이프라인 (L1 + L2).

    Returns:
        (sanitized_and_wrapped_text, total_flagged_count)
    """
    cleaned, flagged = sanitize_l1(text)
    wrapped = wrap_upstream(cleaned)
    return wrapped, flagged


def check_gate(flagged_count: int, threshold: int = 3) -> bool:
    """L3: 오케스트레이터 게이트. flagged_count >= threshold이면 True(중단 필요)."""
    return flagged_count >= threshold


def check_error_gate(error: bool, fallback_used: bool) -> bool:
    """L4: 에러 자동 제외. error=True AND fallback 미사용이면 True(중단 필요)."""
    return error and not fallback_used