import re

_TECH_PATTERNS = (
    r"traceback",
    r"sqlite3\.",
    r"operationalerror|integrityerror|programmingerror|databaseerror",
    r"attributeerror|typeerror|valueerror|keyerror|indexerror",
    r"modulenotfounderror|importerror|filenotfounderror|permissionerror",
    r"no such column|no such table|database is locked",
    r"connectionerror|timeouterror|connection timed out|read timed out",
    r"\bhttp\s*[45]\d{2}\b",
    r"\bstatus(?:\s*code)?\s*[:=]?\s*[45]\d{2}\b",
    r"\berror\s*[45]\d{2}\b",
    r"err_[a-z0-9_]+",
    r"[a-z]:\\[^\\\n]+",
    r"\.py\", line \d+",
)


def _looks_technical(text: str) -> bool:
    candidate = str(text or "").strip()
    if not candidate:
        return False
    lower = candidate.lower()
    for pattern in _TECH_PATTERNS:
        if re.search(pattern, lower):
            return True
    return False


def _friendly_message(level: str, message: str) -> str:
    lower = str(message or "").lower()
    # edited by glg
    # Pesan UI umum tidak boleh memaksa semua 401/403 menjadi error login.
    # Mapping 401/403 khusus login ditangani di LoginController/AuthService.
    if "ep_seed_per_employee_bootstrap" in lower or "endpoint seed akun awal terblokir jwt" in lower:
        return (
            "Sinkronisasi akun awal membutuhkan endpoint bootstrap non-JWT. "
            "Hubungi admin endpoint untuk mengisi `ep_seed_per_employee_bootstrap`."
        )
    if "database is locked" in lower:
        return "Data sedang diproses. Silakan tunggu beberapa saat lalu coba lagi."
    if "no such column" in lower or "no such table" in lower:
        return "Struktur data belum sesuai versi aplikasi. Silakan sinkronisasi data atau hubungi teknisi."
    if (
        "http_error_" in lower
        or "/eusvc/" in lower
        or "/nonrest/" in lower
        or "/prodiskon/" in lower
        or "server error" in lower
    ):
        return (
            "Terjadi error pada endpoint server. "
            "Silakan cek koneksi dan konfigurasi endpoint, lalu coba lagi."
        )
    if (
        "timeout" in lower
        or "connection timed out" in lower
        or "read timed out" in lower
        or "connectionerror" in lower
        or "newconnectionerror" in lower
        or "max retries exceeded" in lower
        or "temporary failure in name resolution" in lower
        or "name or service not known" in lower
        or "nodename nor servname provided" in lower
        or "failed to establish a new connection" in lower
        or "dns" in lower
    ):
        return "Koneksi ke endpoint server sedang bermasalah. Periksa jaringan lalu coba lagi."
    if "printer" in lower or "usb" in lower or "escpos" in lower or "spooler" in lower:
        return "Proses cetak gagal. Periksa koneksi dan pengaturan printer."
    if "ssl" in lower or "certificate" in lower:
        return "Koneksi aman ke server gagal. Periksa sertifikat server atau tanggal/jam perangkat."
    if "permission" in lower or "denied" in lower:
        return "Aplikasi tidak memiliki izin akses yang diperlukan. Hubungi teknisi."
    if str(level).lower() == "critical":
        return "Terjadi kesalahan pada proses. Silakan coba lagi."
    if str(level).lower() == "warning":
        return "Proses tidak dapat dilanjutkan. Periksa data lalu coba lagi."
    return "Informasi tidak dapat ditampilkan secara detail."


def sanitize_ui_message(level: str, message: str):
    raw = str(message or "").strip()
    if not raw:
        return _friendly_message(level, raw), True
    # edited by glg
    # Pesan panduan bisnis untuk kasir tidak boleh dipotong menjadi generik.
    lower = raw.lower()
    if "web admin" in lower and "harga" in lower and "sinkronisasi" in lower:
        return raw, False
    if _looks_technical(raw):
        return _friendly_message(level, raw), True
    return raw, False