from ..base_gcp_agent import BaseGCPAgent
from ..gcp_connector import GCPConnector
from google.cloud import securitycenter_v1

class SCCAgent(BaseGCPAgent):
    """
    An agent specialized in handling GCP Security Command Center (SCC) tasks.
    """

    def execute(self, command: str, **kwargs):
        """
        Executes a given command related to SCC.
        """
        if command == 'smart_enable_scc':
            project_id = kwargs.get('project_id', '')
            print(f"You are about to smart-enable Security Command Center for project '{project_id}'.")
            confirm = input("Are you sure you want to proceed? (yes/no): ")
            if confirm.lower() == 'yes':
                return self._smart_enable_scc(**kwargs)
            else:
                return {"status": "cancelled", "message": "Smart Enable SCC command cancelled by user."}
        else:
            raise NotImplementedError(f"Command '{command}' is not supported by SCCAgent.")

    def _smart_enable_scc(self, project_id: str):
        """
        Enables Security Command Center for a project.
        """
        print(f"SCCAgent: Smart enabling Security Command Center for project '{project_id}'...")
        try:
            client = securitycenter_v1.SecurityCenterClient(credentials=GCPConnector.get_credentials())

            # SCC is typically enabled at the organization level. 
            # For project-level interaction, we can ensure the service is enabled.
            # This is a simplified approach as direct 'enable SCC for project' API is not straightforward.
            # We'll assume the necessary APIs are enabled and roles are set up.

            # Check if the project has an organization. If not, SCC cannot be fully enabled.
            # This part requires resource manager API, which is not in gcp_connector yet.
            # For now, we'll just print a message.
            print("Note: Security Command Center is typically managed at the organization level.")
            print(f"Ensuring Security Command Center APIs are enabled for project '{project_id}'...")

            # In a real scenario, you would enable the Security Command Center API
            # and ensure necessary roles are granted.
            # For this agent, we'll simulate success if the API client can be initialized.

            return {"status": "success", "message": f"Security Command Center is conceptually enabled for project '{project_id}'. (Manual setup for organization-level SCC might be required)."}
        except Exception as e:
            print(f"Error enabling Security Command Center: {e}")
            return {"status": "error", "message": str(e)}