use serde::{Deserialize, Serialize};
use std::sync::{Arc, Mutex};
use uuid::Uuid;

#[derive(Clone, Debug, Serialize, Deserialize)]
pub struct AuditEvent {
    pub ts_ms: u64,
    pub principal_sub: String,
    pub action: String,
    pub tenant_id: Option<Uuid>,
    pub reason: String,
    pub job_id: Option<Uuid>,
}

#[derive(Clone, Default)]
pub struct AuditStore {
    inner: Arc<Mutex<Vec<AuditEvent>>>,
}

impl AuditStore {
    pub fn record(&self, event: AuditEvent) {
        let mut events = self.inner.lock().expect("audit lock poisoned");
        events.push(event);
    }

    pub fn list_recent(&self, limit: usize) -> Vec<AuditEvent> {
        let events = self.inner.lock().expect("audit lock poisoned");
        let start = events.len().saturating_sub(limit);
        events[start..].to_vec()
    }
}