/**
 * Privacy Settings Validation
 * 
 * Provides Zod schemas for runtime validation of privacy settings.
 * 
 * Usage:
 * ```typescript
 * const validated = privacyFormSchema.parse(userInput);
 * ```
 * 
 * Security:
 * - All user inputs must be validated before database writes
 * - Prevents injection attacks and data corruption
 * - Ensures data integrity with type-safe validation
 */

import { z } from 'zod';

/**
 * Schema for privacy settings in user_preferences
 * Uses defaults for backward compatibility with incomplete data
 */
export const privacySettingsSchema = z.object({
  activity_visibility: z.enum(['public', 'private'] as const).default('public'),
  search_visibility: z.boolean().default(true),
  show_location: z.boolean().default(false),
  show_age: z.boolean().default(false),
  show_avatar: z.boolean().default(true),
  show_bio: z.boolean().default(true),
  show_activity_stats: z.boolean().default(true),
  show_home_park: z.boolean().default(false)
}).passthrough();

/**
 * Schema for profile privacy settings
 */
export const profilePrivacySchema = z.object({
  privacy_level: z.enum(['public', 'private'] as const),
  show_pronouns: z.boolean()
});

/**
 * Combined schema for privacy form
 */
export const privacyFormSchema = privacySettingsSchema.merge(profilePrivacySchema);

/**
 * Schema for blocking a user
 */
export const blockUserSchema = z.object({
  blocked_id: z.string().uuid('Invalid user ID'),
  reason: z.string().max(500, 'Reason must be 500 characters or less').optional()
});

/**
 * Default privacy settings for new users
 */
export const DEFAULT_PRIVACY_SETTINGS = {
  activity_visibility: 'public' as const,
  search_visibility: true,
  show_location: false,
  show_age: false,
  show_avatar: true,
  show_bio: true,
  show_activity_stats: true,
  show_home_park: false
};