import sanitizeHtml from 'sanitize-html';

const CARD_HTML_CONFIG: sanitizeHtml.IOptions = {
  allowedTags: [
    'p', 'br', 'strong', 'em', 'b', 'i', 'u',
    'ul', 'ol', 'li',
    'a',
    'h1', 'h2', 'h3', 'h4', 'h5', 'h6',
    'blockquote',
    'span',
  ],
  allowedAttributes: {
    a: ['href', 'title', 'target', 'rel'],
    span: ['class'],
    '*': [],
  },
  allowedSchemes: ['http', 'https', 'mailto', 'tel'],
  allowedSchemesAppliedToAttributes: ['href'],
  transformTags: {
    a: sanitizeHtml.simpleTransform('a', { rel: 'noopener noreferrer', target: '_blank' }),
  },
  disallowedTagsMode: 'discard',
};

export function sanitizeCardHtml(input: string | null | undefined): string {
  if (!input) return '';
  return sanitizeHtml(input, CARD_HTML_CONFIG);
}

// Welcome text: solo formattazione inline base + a-capo. Niente link, niente liste.
const WELCOME_TEXT_CONFIG: sanitizeHtml.IOptions = {
  allowedTags: ['b', 'i', 'strong', 'em', 'br', 'p', 'div', 'span'],
  allowedAttributes: {},
  disallowedTagsMode: 'discard',
};

export function sanitizeWelcomeText(input: string | null | undefined): string {
  if (!input) return '';
  return sanitizeHtml(input, WELCOME_TEXT_CONFIG);
}

const HEX_COLOR_RE = /^#[0-9a-fA-F]{6}$/;
export function isValidHexColor(value: unknown): value is string {
  return typeof value === 'string' && HEX_COLOR_RE.test(value);
}