package state

import (
	"fmt"
	"os"
	"path/filepath"
	"time"
)

var quarantineCorruptFileImpl = quarantineCorruptFileDefault

// quarantineCorruptFile runs one orchestration or CLI step.
// Signature: quarantineCorruptFile(path string, payload []byte, replacement []byte, mode os.FileMode) error.
// Why: keeps behavior explicit so startup/shutdown workflows remain maintainable as services evolve.
func quarantineCorruptFile(path string, payload []byte, replacement []byte, mode os.FileMode) error {
	return quarantineCorruptFileImpl(path, payload, replacement, mode)
}

// quarantineCorruptFileDefault runs one orchestration or CLI step.
// Signature: quarantineCorruptFileDefault(path string, payload []byte, replacement []byte, mode os.FileMode) error.
// Why: keeps production file-healing behavior as the default while tests can
// deterministically force heal failures in root/sudo environments.
func quarantineCorruptFileDefault(path string, payload []byte, replacement []byte, mode os.FileMode) error {
	if err := os.MkdirAll(filepath.Dir(path), 0o750); err != nil {
		return err
	}
	backup := fmt.Sprintf("%s.corrupt-%s", path, time.Now().UTC().Format("20060102T150405Z"))
	if err := os.WriteFile(backup, payload, 0o600); err != nil {
		return fmt.Errorf("write backup %s: %w", backup, err)
	}
	if err := os.WriteFile(path, replacement, mode); err != nil {
		return fmt.Errorf("write replacement %s: %w", path, err)
	}
	return nil
}