{% extends "base.html" %}

{% block content %}
    <h1 class="mb-4">Connected Systems Studio</h1>

    {% if error %}
        <div class="alert alert-danger" role="alert">{{ error }}</div>
    {% endif %}
    {% if success %}
        <div class="alert alert-success" role="alert">{{ success }}</div>
    {% endif %}

    <div class="card mb-4">
        <div class="card-header">Studio Scope</div>
        <div class="card-body">
            <p class="mb-2">Connected Systems Studio now supports saved connections, secure credential separation, connection testing, natural-language queries, and request traces.</p>
            <p class="mb-0">Use the selected connection to ask high-level questions and inspect the exact SQL, REST request, or ESQL QD generated.</p>
        </div>
    </div>

    <div class="row">
        <div class="col-lg-4">
            <div class="card mb-4">
                <div class="card-header">Saved Connections</div>
                <div class="card-body">
                    <div class="mb-3 d-flex align-items-center justify-content-between">
                        <div class="small text-muted">Private and org-shared connections you can access.</div>
                        <a class="btn btn-secondary btn-sm" href="{{ url_for('connected_systems') }}?action=new">New Connection</a>
                    </div>
                    {% if connections %}
                        <div class="list-group">
                            {% for item in connections %}
                                <a
                                    href="{{ url_for('connected_systems') }}?connection_id={{ item.connection_id }}"
                                    class="list-group-item list-group-item-action bg-transparent text-light {% if selected_connection_id == item.connection_id %}active{% endif %}"
                                >
                                    <div class="d-flex justify-content-between align-items-center">
                                        <strong>{{ item.name }}</strong>
                                        <span class="badge badge-info">{{ item.system_type }}</span>
                                    </div>
                                    <div class="small text-muted">{{ item.base_url or item.resource_path or "No endpoint configured" }}</div>
                                    <div class="small mt-1">
                                        Last test: {{ item.last_test_status or "not run" }}
                                        {% if item.has_credentials %}
                                            | credentials saved
                                        {% endif %}
                                    </div>
                                </a>
                            {% endfor %}
                        </div>
                    {% else %}
                        <p class="mb-0">No saved connections yet.</p>
                    {% endif %}
                    {% if selected_connection_id %}
                        <form method="POST" class="mt-3">
                            <input type="hidden" name="action" value="clone">
                            <input type="hidden" name="connection_id" value="{{ selected_connection_id }}">
                            <button class="btn btn-secondary btn-sm" type="submit">Clone Selected Connection</button>
                        </form>
                    {% endif %}
                </div>
            </div>

            <div class="card mb-4">
                <div class="card-header">Selected Connection</div>
                <div class="card-body">
                    {% if selected_connection %}
                        <p><strong>Name:</strong> {{ selected_connection.name }}</p>
                        <p><strong>Type:</strong> {{ selected_connection.system_type }}</p>
                        <p><strong>Auth:</strong> {{ selected_connection.auth_type }}</p>
                        <p><strong>Target:</strong> {{ selected_connection.base_url or selected_connection.resource_path or "n/a" }}</p>
                        <p><strong>OpenAPI Spec:</strong> {{ selected_connection.openapi_spec_url or "n/a" }}</p>
                        <p><strong>Org:</strong> {{ selected_connection.org_id or "n/a" }}</p>
                        <p><strong>Has credentials:</strong> {{ "yes" if selected_connection.has_credentials else "no" }}</p>
                        <p><strong>Credential Backend:</strong> {{ selected_connection.credential_backend or "none" }}</p>
                        <p><strong>Sharing:</strong> {{ selected_connection.sharing_scope }}</p>
                        <p><strong>Manage Access:</strong> {{ "owner/publisher" if can_manage_selected else "read-only" }}</p>
                        {% if health_summary %}
                            <p><strong>Health:</strong> {{ health_summary.status }}</p>
                            <p><strong>Retry Recommended:</strong> {{ "yes" if health_summary.retry_recommended else "no" }}</p>
                        {% endif %}
                    {% else %}
                        <p class="mb-0">Select a saved connection to inspect it.</p>
                    {% endif %}
                </div>
            </div>

            {% if usage_summary %}
                <div class="card mb-4">
                    <div class="card-header">Governance Summary</div>
                    <div class="card-body">
                        <div class="row">
                            <div class="col-6 mb-2"><strong>Total Connections:</strong> {{ usage_summary.total_connections }}</div>
                            <div class="col-6 mb-2"><strong>Org Shared:</strong> {{ usage_summary.org_shared_connections }}</div>
                            <div class="col-6 mb-2"><strong>Saved Recipes:</strong> {{ usage_summary.saved_recipes }}</div>
                            <div class="col-6 mb-2"><strong>Total Queries:</strong> {{ usage_summary.total_queries }}</div>
                            <div class="col-6 mb-2"><strong>Failed Queries:</strong> {{ usage_summary.failed_queries }}</div>
                            <div class="col-6 mb-2"><strong>Unhealthy:</strong> {{ usage_summary.unhealthy_connections }}</div>
                        </div>
                        <div class="small text-muted mt-2">
                            Shared publishing: {{ "enabled for this user" if can_publish_shared_assets else "restricted to configured publisher IDs" }}
                        </div>
                    </div>
                </div>
            {% endif %}

            <div class="card mb-4">
                <div class="card-header">Quick Examples</div>
                <div class="card-body">
                    <ul class="mb-0 pl-3">
                        <li>`Elastic REST`: `https://demo1:9250/my_cluster`</li>
                        <li>`Elastic ESQL`: same endpoint, QD can issue read-only ESQL</li>
                        <li>`OpenSearch`: `https://search.example.com`</li>
                        <li>`SQLite`: `/tmp/events.sqlite`</li>
                        <li>`Postgres`: `postgresql://user:pass@db.example.com:5432/appdb`</li>
                        <li>`GitLab API`: `https://gitlab.example.com`</li>
                        <li>`Generic REST`: `https://api.example.com`</li>
                    </ul>
                </div>
            </div>
        </div>

        <div class="col-lg-8">
            <div class="card mb-4">
                <div class="card-header">Natural-Language Setup</div>
                <div class="card-body">
                    <form method="POST" class="mb-3">
                        <input type="hidden" name="action" value="interpret_setup">
                        <div class="form-group">
                            <label>Describe the connection you want QD to remember</label>
                            <textarea
                                class="form-control"
                                name="request_text"
                                rows="4"
                                placeholder="Connect to my elastic cluster at https://demo1:9250/my_cluster and use chris as username and password1 as password and remember it"
                            >{{ setup_form.request_text }}</textarea>
                        </div>
                        <div class="d-flex flex-wrap align-items-center">
                            <button class="btn btn-primary mr-2" type="submit">Interpret Draft</button>
                            <div class="small text-muted">
                                QD will extract a connection draft, show a preview, and wait for explicit save confirmation.
                            </div>
                        </div>
                    </form>

                    {% if interpreted_setup %}
                        <div class="border rounded p-3">
                            <div class="d-flex justify-content-between align-items-center mb-2">
                                <strong>Interpreted Draft Preview</strong>
                                <form method="POST" class="mb-0">
                                    <input type="hidden" name="action" value="discard_interpreted">
                                    <input type="hidden" name="pending_draft_id" value="{{ interpreted_setup.pending_draft_id }}">
                                    <button class="btn btn-secondary btn-sm" type="submit">Discard Draft</button>
                                </form>
                            </div>
                            <p class="mb-2"><strong>Intent:</strong> {{ interpreted_setup.interpreted_intent }}</p>
                            <div class="row">
                                <div class="col-md-6">
                                    <p><strong>Name:</strong> {{ interpreted_setup.draft.name }}</p>
                                    <p><strong>Type:</strong> {{ interpreted_setup.draft.system_type }}</p>
                                    <p><strong>Base URL:</strong> {{ interpreted_setup.draft.base_url or "n/a" }}</p>
                                    <p><strong>Path:</strong> {{ interpreted_setup.draft.resource_path or "n/a" }}</p>
                                    <p><strong>Default Index:</strong> {{ interpreted_setup.draft.default_index or "n/a" }}</p>
                                </div>
                                <div class="col-md-6">
                                    <p><strong>Auth:</strong> {{ interpreted_setup.credential_summary.auth_type }}</p>
                                    <p><strong>Username:</strong> {{ interpreted_setup.credential_summary.username or "n/a" }}</p>
                                    <p><strong>Password detected:</strong> {{ "yes" if interpreted_setup.credential_summary.has_password else "no" }}</p>
                                    <p><strong>Token detected:</strong> {{ "yes" if interpreted_setup.credential_summary.has_token else "no" }}</p>
                                    <p><strong>API key detected:</strong> {{ "yes" if interpreted_setup.credential_summary.has_api_key else "no" }}</p>
                                </div>
                            </div>
                            {% if interpreted_setup.warnings %}
                                <div class="alert alert-warning mb-0">
                                    <ul class="mb-0 pl-3">
                                        {% for item in interpreted_setup.warnings %}
                                            <li>{{ item }}</li>
                                        {% endfor %}
                                    </ul>
                                </div>
                            {% endif %}
                        </div>
                    {% else %}
                        <p class="mb-0 small text-muted">This mode is designed for demo-style setup. Parsed drafts are not persisted until you click Save Connection below.</p>
                    {% endif %}
                </div>
            </div>

            <div class="card mb-4">
                <div class="card-header">Query Workspace</div>
                <div class="card-body">
                    {% if selected_connection %}
                        <div class="mb-3 p-3 border rounded">
                            <div class="d-flex flex-wrap align-items-center justify-content-between">
                                <div>
                                    <div class="small text-muted">Active Connection</div>
                                    <div class="h5 mb-1">{{ selected_connection.name }}</div>
                                    <div class="small text-muted">
                                        {{ selected_connection.system_type }} |
                                        {{ selected_connection.base_url or selected_connection.resource_path or "No target configured" }}
                                    </div>
                                </div>
                                <div class="text-right small">
                                    <div>Org: {{ selected_connection.org_id or "n/a" }}</div>
                                    <div>Auth: {{ selected_connection.auth_type }}</div>
                                    <div>Last test: {{ selected_connection.last_test_status or "not run" }}</div>
                                </div>
                            </div>
                        </div>

                        <form method="POST" class="mb-4">
                            <input type="hidden" name="action" value="query">
                            <input type="hidden" name="connection_id" value="{{ selected_connection_id }}">
                            <div class="form-group">
                                <label>Ask a question about the selected system</label>
                                <textarea
                                    class="form-control"
                                    name="question"
                                    rows="4"
                                    placeholder="List all my indices, What tables are in this SQLite database?, Which services produced the most errors in the last 24 hours?"
                                >{{ query_form.question }}</textarea>
                            </div>
                            <div class="d-flex flex-wrap align-items-center">
                                <button class="btn btn-primary mr-2" type="submit">Run Query</button>
                                <div class="small text-muted">
                                    QD will translate the request into SQL, REST, or ESQL depending on the active connection type.
                                </div>
                            </div>
                        </form>

                        {% if openapi_operations %}
                            <div class="card mb-4">
                                <div class="card-header">OpenAPI Operations</div>
                                <div class="card-body">
                                    <div class="small text-muted mb-3">
                                        Route-aware planning is enabled from the configured OpenAPI specification.
                                    </div>
                                    <div class="row">
                                        {% for item in openapi_operations[:10] %}
                                            <div class="col-md-6 mb-3">
                                                <div class="border rounded p-3 h-100">
                                                    <div class="d-flex justify-content-between align-items-center mb-2">
                                                        <strong>{{ item.operation_id }}</strong>
                                                        <span class="badge badge-info">{{ item.method }}</span>
                                                    </div>
                                                    <div class="small text-muted mb-2">{{ item.path }}</div>
                                                    <div class="small">{{ item.summary or item.description or "No description provided." }}</div>
                                                </div>
                                            </div>
                                        {% endfor %}
                                    </div>
                                </div>
                            </div>
                        {% endif %}

                        <div class="card mb-4">
                            <div class="card-header">Connection Health</div>
                            <div class="card-body">
                                {% if health_summary %}
                                    <div class="d-flex flex-wrap align-items-center justify-content-between">
                                        <div>
                                            <p class="mb-1"><strong>Status:</strong> {{ health_summary.status }}</p>
                                            <p class="mb-1"><strong>Last Test:</strong> {{ health_summary.last_test_at or "never" }}</p>
                                            <p class="mb-0"><strong>Retry Recommended:</strong> {{ "yes" if health_summary.retry_recommended else "no" }}</p>
                                        </div>
                                        <form method="POST" class="mb-0">
                                            <input type="hidden" name="action" value="retest_connection">
                                            <input type="hidden" name="connection_id" value="{{ selected_connection_id }}">
                                            <button class="btn btn-secondary btn-sm" type="submit">Re-run Test</button>
                                        </form>
                                    </div>
                                {% else %}
                                    <p class="mb-0">No health information is available for the selected connection yet.</p>
                                {% endif %}
                            </div>
                        </div>

                        <div class="card mb-4">
                            <div class="card-header">Save Query As Recipe</div>
                            <div class="card-body">
                                <form method="POST">
                                    <input type="hidden" name="action" value="save_recipe">
                                    <input type="hidden" name="connection_id" value="{{ selected_connection_id }}">
                                    <div class="form-row">
                                        <div class="form-group col-md-4">
                                            <label>Recipe Title</label>
                                            <input class="form-control" name="recipe_title" value="{{ query_form.recipe_title }}" placeholder="Top Error Services">
                                        </div>
                                        <div class="form-group col-md-8">
                                            <label>Recipe Question</label>
                                            <input class="form-control" name="question" value="{{ query_form.question }}" placeholder="Which services produced the most errors in the last 24 hours?">
                                        </div>
                                    </div>
                                    <div class="form-row">
                                        <div class="form-group col-md-4">
                                            <label>Recipe Sharing</label>
                                            <select class="form-control" name="recipe_sharing_scope">
                                                <option value="private" {% if query_form.recipe_sharing_scope == 'private' %}selected{% endif %}>Private</option>
                                                <option value="org_shared" {% if query_form.recipe_sharing_scope == 'org_shared' %}selected{% endif %}>Org Shared</option>
                                            </select>
                                        </div>
                                        <div class="form-group col-md-8 d-flex align-items-end">
                                            <div class="small text-muted">
                                                Org-shared recipes are limited to configured publisher IDs.
                                            </div>
                                        </div>
                                    </div>
                                    <button class="btn btn-secondary btn-sm" type="submit">Save Recipe</button>
                                </form>
                            </div>
                        </div>

                        {% if recipes %}
                            <div class="card mb-4">
                                <div class="card-header">Recipes</div>
                                <div class="card-body">
                                    <div class="row">
                                        {% for recipe in recipes %}
                                            <div class="col-md-6 mb-3">
                                                <div class="border rounded p-3 h-100">
                                                    <div class="d-flex justify-content-between align-items-center mb-2">
                                                        <strong>{{ recipe.title }}</strong>
                                                        <div>
                                                            {% if recipe.source == "saved" %}
                                                                <span class="badge badge-secondary">Saved</span>
                                                                <span class="badge badge-info">{{ recipe.sharing_scope }}</span>
                                                            {% endif %}
                                                        </div>
                                                    </div>
                                                    <p class="small text-muted mb-2">{{ recipe.description }}</p>
                                                    <code class="d-block mb-3">{{ recipe.question }}</code>
                                                    <form method="POST" class="mb-0">
                                                        <input type="hidden" name="action" value="use_recipe">
                                                        <input type="hidden" name="connection_id" value="{{ selected_connection_id }}">
                                                        <input type="hidden" name="recipe_question" value="{{ recipe.question }}">
                                                        <button class="btn btn-secondary btn-sm" type="submit">Use Recipe</button>
                                                    </form>
                                                    {% if recipe.source == "saved" and recipe.can_manage %}
                                                        <div class="mt-2 d-flex flex-wrap align-items-center">
                                                            <form method="POST" class="mr-2 mb-2">
                                                                <input type="hidden" name="action" value="update_recipe_sharing">
                                                                <input type="hidden" name="connection_id" value="{{ selected_connection_id }}">
                                                                <input type="hidden" name="recipe_id" value="{{ recipe.recipe_id }}">
                                                                <input type="hidden" name="recipe_sharing_scope" value="{{ 'private' if recipe.sharing_scope == 'org_shared' else 'org_shared' }}">
                                                                <button class="btn btn-outline-light btn-sm" type="submit">
                                                                    Make {{ 'Private' if recipe.sharing_scope == 'org_shared' else 'Org Shared' }}
                                                                </button>
                                                            </form>
                                                            <form method="POST" class="mb-2">
                                                                <input type="hidden" name="action" value="delete_recipe">
                                                                <input type="hidden" name="connection_id" value="{{ selected_connection_id }}">
                                                                <input type="hidden" name="recipe_id" value="{{ recipe.recipe_id }}">
                                                                <button class="btn btn-danger btn-sm" type="submit" onclick="return confirm('Delete this recipe?');">Delete</button>
                                                            </form>
                                                        </div>
                                                    {% endif %}
                                                </div>
                                            </div>
                                        {% endfor %}
                                    </div>
                                </div>
                            </div>
                        {% endif %}

                        {% if is_elastic_connection %}
                            <div class="card mb-4">
                                <div class="card-header">Elastic Explorer</div>
                                <div class="card-body">
                                    <div class="d-flex flex-wrap align-items-center justify-content-between mb-3">
                                        <div>
                                            <div class="small text-muted">Flagship demo helpers for the selected Elastic connection.</div>
                                            <div class="small text-muted">Default index: {{ selected_connection.default_index or "*" }}</div>
                                        </div>
                                        <form method="POST" class="mb-0">
                                            <input type="hidden" name="action" value="discover_indices">
                                            <input type="hidden" name="connection_id" value="{{ selected_connection_id }}">
                                            <button class="btn btn-secondary btn-sm" type="submit">Discover Indices</button>
                                        </form>
                                    </div>
                                    {% if indices_result %}
                                        {% if indices_result.ok %}
                                            <div class="mb-2 small text-muted">Discovered {{ indices_result.indices | length }} indices.</div>
                                            <div class="table-responsive">
                                                <table class="table table-sm table-dark table-striped mb-0">
                                                    <thead>
                                                        <tr>
                                                            <th>Index</th>
                                                            <th>Health</th>
                                                            <th>Status</th>
                                                            <th>Docs</th>
                                                            <th>Store Size</th>
                                                        </tr>
                                                    </thead>
                                                    <tbody>
                                                        {% for item in indices_result.indices[:12] %}
                                                            <tr>
                                                                <td>{{ item.index }}</td>
                                                                <td>{{ item.health or "n/a" }}</td>
                                                                <td>{{ item.status or "n/a" }}</td>
                                                                <td>{{ item.docs_count or "n/a" }}</td>
                                                                <td>{{ item.store_size or "n/a" }}</td>
                                                            </tr>
                                                        {% endfor %}
                                                    </tbody>
                                                </table>
                                            </div>
                                        {% else %}
                                            <div class="alert alert-danger mb-0">{{ indices_result.error }}</div>
                                        {% endif %}
                                    {% else %}
                                        <p class="mb-0">Use index discovery to inspect the cluster before asking higher-level operational questions.</p>
                                    {% endif %}
                                </div>
                            </div>
                        {% endif %}

                        <div class="row">
                            <div class="col-lg-7">
                                <div class="card mb-3">
                                    <div class="card-header">Answer</div>
                                    <div class="card-body">
                                        {% if query_result %}
                                            <p class="mb-3">{{ query_result.answer }}</p>
                                            {% if query_result.result %}
                                                <details>
                                                    <summary>Raw Result Preview</summary>
                                                    <pre class="mb-0 mt-3">{{ query_result.result | tojson(indent=2) }}</pre>
                                                </details>
                                            {% endif %}
                                        {% else %}
                                            <p class="mb-0">Run a question to see a human-readable answer here.</p>
                                        {% endif %}
                                    </div>
                                </div>
                            </div>
                            <div class="col-lg-5">
                                <div class="card mb-3">
                                    <div class="card-header">Request Trace</div>
                                    <div class="card-body">
                                        {% if query_result %}
                                            <p><strong>Intent:</strong> {{ query_result.trace.intent }}</p>
                                            <p><strong>Planner:</strong> {{ query_result.trace.planner_source }}</p>
                                            <p><strong>Tool:</strong> {{ query_result.trace.tool_name }}</p>
                                            <p><strong>Execution:</strong> {{ query_result.trace.execution_ms }} ms</p>
                                            {% if query_result.trace.operation_name %}
                                                <p><strong>Operation:</strong> {{ query_result.trace.operation_name }}</p>
                                            {% endif %}
                                            {% if query_result.trace.method %}
                                                <p><strong>Method:</strong> {{ query_result.trace.method }}</p>
                                            {% endif %}
                                            {% if query_result.trace.url %}
                                                <p><strong>URL:</strong> {{ query_result.trace.url }}</p>
                                            {% endif %}
                                            {% if query_result.trace.sql %}
                                                <p class="mb-1"><strong>SQL</strong></p>
                                                <pre>{{ query_result.trace.sql }}</pre>
                                            {% endif %}
                                            {% if query_result.trace.esql %}
                                                <p class="mb-1"><strong>ESQL</strong></p>
                                                <pre>{{ query_result.trace.esql }}</pre>
                                            {% endif %}
                                            {% if query_result.trace.request_body %}
                                                <p class="mb-1"><strong>Request Body</strong></p>
                                                <pre>{{ query_result.trace.request_body | tojson(indent=2) }}</pre>
                                            {% endif %}
                                            {% if query_result.trace.query_params %}
                                                <p class="mb-1"><strong>Query Params</strong></p>
                                                <pre>{{ query_result.trace.query_params | tojson(indent=2) }}</pre>
                                            {% endif %}
                                            {% if query_result.trace.response_preview %}
                                                <p class="mb-1"><strong>Response Preview</strong></p>
                                                <pre>{{ query_result.trace.response_preview | tojson(indent=2) }}</pre>
                                            {% endif %}
                                        {% else %}
                                            <p class="mb-0">The trace panel will show the generated request and result preview after you run a query.</p>
                                        {% endif %}
                                    </div>
                                </div>
                            </div>
                        </div>

                        <div class="row">
                            <div class="col-lg-6">
                                <div class="card mb-3">
                                    <div class="card-header">Recent Query History</div>
                                    <div class="card-body">
                                        {% if history_items %}
                                            {% for item in history_items %}
                                                <div class="border rounded p-2 mb-2">
                                                    <div class="d-flex justify-content-between align-items-center">
                                                        <strong>{{ item.question }}</strong>
                                                        <span class="badge badge-{% if item.status == 'ok' %}success{% else %}danger{% endif %}">{{ item.status }}</span>
                                                    </div>
                                                    <div class="small text-muted">{{ item.completed_at }}</div>
                                                    <div class="small">{{ item.final_answer }}</div>
                                                </div>
                                            {% endfor %}
                                        {% else %}
                                            <p class="mb-0">No query history yet for this connection.</p>
                                        {% endif %}
                                    </div>
                                </div>
                            </div>
                            <div class="col-lg-6">
                                <div class="card mb-3">
                                    <div class="card-header">Audit Trail</div>
                                    <div class="card-body">
                                        {% if audit_items %}
                                            {% for item in audit_items %}
                                                <div class="border rounded p-2 mb-2">
                                                    <div class="d-flex justify-content-between align-items-center">
                                                        <strong>{{ item.action }}</strong>
                                                        <span class="badge badge-{% if item.status == 'ok' %}success{% else %}danger{% endif %}">{{ item.status }}</span>
                                                    </div>
                                                    <div class="small text-muted">{{ item.created_at }}</div>
                                                    {% if item.detail %}
                                                        <details class="mt-2">
                                                            <summary>Detail</summary>
                                                            <pre class="mb-0 mt-2">{{ item.detail | tojson(indent=2) }}</pre>
                                                        </details>
                                                    {% endif %}
                                                </div>
                                            {% endfor %}
                                        {% else %}
                                            <p class="mb-0">No audit events yet for this connection.</p>
                                        {% endif %}
                                    </div>
                                </div>
                            </div>
                        </div>
                    {% else %}
                        <p class="mb-2">Select or save a connection first.</p>
                        <p class="mb-0">The query workspace uses the active saved connection and keeps the generated request trace visible for demos.</p>
                    {% endif %}
                </div>
            </div>

            {% if usage_summary and usage_summary["items"] %}
                <div class="card mb-4">
                    <div class="card-header">Connection Usage Overview</div>
                    <div class="card-body">
                        <div class="table-responsive">
                            <table class="table table-sm table-dark table-striped mb-0">
                                <thead>
                                    <tr>
                                        <th>Name</th>
                                        <th>Scope</th>
                                        <th>Queries</th>
                                        <th>Recipes</th>
                                        <th>Failures</th>
                                        <th>Last Query</th>
                                    </tr>
                                </thead>
                                <tbody>
                                    {% for item in usage_summary["items"] %}
                                        <tr>
                                            <td>{{ item.name }}</td>
                                            <td>{{ item.sharing_scope }}</td>
                                            <td>{{ item.query_count }}</td>
                                            <td>{{ item.recipe_count }}</td>
                                            <td>{{ item.failed_query_count }}</td>
                                            <td>{{ item.last_query_at or "never" }}</td>
                                        </tr>
                                    {% endfor %}
                                </tbody>
                            </table>
                        </div>
                    </div>
                </div>
            {% endif %}

            <div class="card mb-4">
                <div class="card-header">Connection Editor{% if mode == 'edit' %}: Edit Saved Connection{% else %}: New Connection{% endif %}</div>
                <div class="card-body">
                    <form method="POST">
                        <input type="hidden" name="connection_id" value="{{ form_values.connection_id }}">
                        <input type="hidden" name="pending_draft_id" value="{{ form_values.pending_draft_id }}">

                        <div class="form-row">
                            <div class="form-group col-md-6">
                                <label>Name</label>
                                <input class="form-control" name="name" value="{{ form_values.name }}" placeholder="demo-elastic">
                            </div>
                            <div class="form-group col-md-3">
                                <label>System Type</label>
                                <select class="form-control" name="system_type">
                                    {% for value, label in type_options %}
                                        <option value="{{ value }}" {% if form_values.system_type == value %}selected{% endif %}>{{ label }}</option>
                                    {% endfor %}
                                </select>
                            </div>
                            <div class="form-group col-md-3">
                                <label>Auth Type</label>
                                <select class="form-control" name="auth_type">
                                    {% for value, label in auth_options %}
                                        <option value="{{ value }}" {% if form_values.auth_type == value %}selected{% endif %}>{{ label }}</option>
                                    {% endfor %}
                                </select>
                            </div>
                        </div>

                        <div class="form-group">
                            <label>Description</label>
                            <input class="form-control" name="description" value="{{ form_values.description }}" placeholder="Elastic demo cluster for product walkthroughs">
                        </div>

                        <div class="form-row">
                            <div class="form-group col-md-8">
                                <label>Base URL</label>
                                <input class="form-control" name="base_url" value="{{ form_values.base_url }}" placeholder="https://demo1:9250/my_cluster">
                            </div>
                            <div class="form-group col-md-4">
                                <label>Resource Path</label>
                                <input class="form-control" name="resource_path" value="{{ form_values.resource_path }}" placeholder="/tmp/events.sqlite">
                            </div>
                        </div>

                        <div class="form-row">
                            <div class="form-group col-md-4">
                                <label>Default Index</label>
                                <input class="form-control" name="default_index" value="{{ form_values.default_index }}" placeholder="logs-*">
                            </div>
                            <div class="form-group col-md-4">
                                <label>Default Database</label>
                                <input class="form-control" name="default_database" value="{{ form_values.default_database }}" placeholder="main">
                            </div>
                            <div class="form-group col-md-4">
                                <label>Default Schema</label>
                                <input class="form-control" name="default_schema" value="{{ form_values.default_schema }}" placeholder="public">
                            </div>
                        </div>

                        <div class="form-group">
                            <label>OpenAPI Spec URL or File Path</label>
                            <input class="form-control" name="openapi_spec_url" value="{{ form_values.openapi_spec_url }}" placeholder="https://api.example.com/openapi.json or /tmp/openapi.json">
                            <small class="form-text text-muted">Used only for Generic REST connections to discover operations and improve route planning.</small>
                        </div>

                        <div class="form-row">
                            <div class="form-group col-md-4">
                                <label>Username</label>
                                <input class="form-control" name="username" value="{{ form_values.username }}">
                            </div>
                            <div class="form-group col-md-4">
                                <label>Password</label>
                                <input class="form-control" type="password" name="password" value="{{ form_values.password }}">
                            </div>
                            <div class="form-group col-md-4">
                                <label>Bearer Token</label>
                                <input class="form-control" type="password" name="token" value="{{ form_values.token }}">
                            </div>
                        </div>

                        <div class="form-row">
                            <div class="form-group col-md-6">
                                <label>API Key</label>
                                <input class="form-control" type="password" name="api_key" value="{{ form_values.api_key }}">
                            </div>
                            <div class="form-group col-md-6">
                                <label>API Key Name</label>
                                <input class="form-control" name="api_key_name" value="{{ form_values.api_key_name }}" placeholder="Authorization or api_key">
                            </div>
                        </div>

                        <div class="form-row">
                            <div class="form-group col-md-4">
                                <label>Sharing Scope</label>
                                <select class="form-control" name="sharing_scope">
                                    <option value="private" {% if form_values.sharing_scope == 'private' %}selected{% endif %}>Private</option>
                                    <option value="org_shared" {% if form_values.sharing_scope == 'org_shared' %}selected{% endif %}>Org Shared</option>
                                </select>
                                <small class="form-text text-muted">
                                    Org-shared publishing is restricted to configured publisher IDs.
                                </small>
                            </div>
                            <div class="form-group col-md-4">
                                <label>Environment</label>
                                <input class="form-control" name="environment" value="{{ form_values.environment }}" placeholder="prod">
                            </div>
                            <div class="form-group col-md-4">
                                <label>Tags</label>
                                <input class="form-control" name="tags" value="{{ form_values.tags }}" placeholder="elastic, logs, demo">
                            </div>
                        </div>

                        <div class="form-row">
                            <div class="form-group col-md-6">
                                <label>Default Headers JSON</label>
                                <textarea class="form-control" name="default_headers" rows="5">{{ form_values.default_headers }}</textarea>
                                <small class="form-text text-muted">Do not put secrets or Authorization headers here.</small>
                            </div>
                            <div class="form-group col-md-6">
                                <label>Default Query Params JSON</label>
                                <textarea class="form-control" name="default_query_params" rows="5">{{ form_values.default_query_params }}</textarea>
                                <small class="form-text text-muted">Use for safe, reusable query defaults only.</small>
                            </div>
                        </div>

                        <div class="d-flex flex-wrap gap-2">
                            <button class="btn btn-primary mr-2" type="submit" name="action" value="save" {% if selected_connection_id and not can_manage_selected %}disabled{% endif %}>Save Connection</button>
                            <button class="btn btn-secondary mr-2" type="submit" name="action" value="test" {% if selected_connection_id and not can_manage_selected %}disabled{% endif %}>Test Connection</button>
                            <a class="btn btn-secondary mr-2" href="{{ url_for('connected_systems') }}?action=new">Clear Form</a>
                            {% if selected_connection_id and can_manage_selected %}
                                <button class="btn btn-danger" type="submit" name="action" value="delete" onclick="return confirm('Delete this connection?');">Delete Connection</button>
                            {% endif %}
                        </div>
                        {% if selected_connection_id and not can_manage_selected %}
                            <div class="small text-muted mt-2">This connection is read-only for your current user.</div>
                        {% endif %}
                    </form>
                </div>
            </div>

            <div class="card mb-4">
                <div class="card-header">Credential Management</div>
                <div class="card-body">
                    {% if selected_connection_id %}
                        <p class="small text-muted">
                            Rotate or replace the stored credentials for the selected connection without changing the rest of its metadata. The secret stays in the configured backend and is never rendered back after save.
                        </p>
                        <form method="POST">
                            <input type="hidden" name="connection_id" value="{{ selected_connection_id }}">
                            <div class="form-row">
                                <div class="form-group col-md-3">
                                    <label>Auth Type</label>
                                    <select class="form-control" name="auth_type">
                                        {% for value, label in auth_options %}
                                            <option value="{{ value }}" {% if form_values.auth_type == value %}selected{% endif %}>{{ label }}</option>
                                        {% endfor %}
                                    </select>
                                </div>
                                <div class="form-group col-md-3">
                                    <label>Username</label>
                                    <input class="form-control" name="username" value="{{ form_values.username }}">
                                </div>
                                <div class="form-group col-md-3">
                                    <label>Password</label>
                                    <input class="form-control" type="password" name="password" value="{{ form_values.password }}">
                                </div>
                                <div class="form-group col-md-3">
                                    <label>Bearer Token</label>
                                    <input class="form-control" type="password" name="token" value="{{ form_values.token }}">
                                </div>
                            </div>
                            <div class="form-row">
                                <div class="form-group col-md-6">
                                    <label>API Key</label>
                                    <input class="form-control" type="password" name="api_key" value="{{ form_values.api_key }}">
                                </div>
                                <div class="form-group col-md-6">
                                    <label>API Key Name</label>
                                    <input class="form-control" name="api_key_name" value="{{ form_values.api_key_name }}" placeholder="Authorization or api_key">
                                </div>
                            </div>
                            <div class="d-flex flex-wrap gap-2">
                                <button class="btn btn-secondary mr-2" type="submit" name="action" value="replace_credentials" {% if not can_manage_selected %}disabled{% endif %}>Update Credentials</button>
                                <button class="btn btn-danger" type="submit" name="action" value="clear_credentials" {% if not can_manage_selected %}disabled{% endif %} onclick="return confirm('Clear stored credentials for this connection?');">Clear Credentials</button>
                            </div>
                            {% if not can_manage_selected %}
                                <div class="small text-muted mt-2">Only the owner or a permitted shared publisher can rotate or clear credentials.</div>
                            {% endif %}
                        </form>
                    {% else %}
                        <p class="mb-0">Select a saved connection before rotating or clearing credentials.</p>
                    {% endif %}
                </div>
            </div>

            <div class="card mb-4">
                <div class="card-header">Connection Test Result</div>
                <div class="card-body">
                    {% if test_result %}
                        <pre class="mb-0">{{ test_result | tojson(indent=2) }}</pre>
                    {% else %}
                        <p class="mb-0">Run <strong>Test Connection</strong> to validate the current draft or selected saved connection.</p>
                    {% endif %}
                </div>
            </div>
        </div>
    </div>
{% endblock %}