{% extends "base.html" %}
{% block title %}{{ cve.cve_id if cve else cve_id }} - Hermetic Suite{% endblock %}

{% block content %}
<div class="page-header">
    <h1 class="icon" id="cve">{{ cve.cve_id if cve else cve_id }}</h1>
    <p class="subtitle">
        {% if cve %}
        <span class="badge badge-{{ cve.severity }}">{{ cve.severity | upper }}</span>
        {% if cve.cvss_v3_score %}CVSS: {{ cve.cvss_v3_score }}{% endif %}
        {% endif %}
        &bull; {{ affected_vulns | length }} server(s) affected
    </p>
</div>

{% if not cve %}
<div class="card">
    <div class="card-body">
        <p class="empty-state">⚠️ CVE details not found in cache. This CVE may have been detected by a scan but hasn't been fetched from NVD yet.</p>
        <p><a href="{{ url_for('cve.cve_page') }}" class="btn btn-secondary">← Back to CVE Database</a></p>
    </div>
</div>
{% else %}
<div class="card">
    <div class="card-header">
        <h2>Vulnerability Details</h2>
    </div>
    <div class="card-body">
        {% if cve.description %}
        <p>{{ cve.description }}</p>
        {% endif %}
        
        {% if cve.affected_products %}
        <div class="affected-products" style="margin-top: 1rem;">
            <strong>Affected Products:</strong>
            <ul style="margin-top: 0.5rem;">
                {% for product in cve.affected_products[:10] %}
                <li><code>{{ product }}</code></li>
                {% endfor %}
                {% if cve.affected_products | length > 10 %}
                <li><em>... and {{ cve.affected_products | length - 10 }} more</em></li>
                {% endif %}
            </ul>
        </div>
        {% endif %}
        
        {% if cve.cvss_v3_vector %}
        <div style="margin-top: 1rem;">
            <strong>CVSS Vector:</strong> <code>{{ cve.cvss_v3_vector }}</code>
        </div>
        {% endif %}
        
        <p style="margin-top: 1rem;">
            <a href="https://nvd.nist.gov/vuln/detail/{{ cve.cve_id }}" target="_blank" class="btn btn-secondary">
                View on NVD →
            </a>
        </p>
    </div>
</div>
{% endif %}

<div class="card">
    <div class="card-header">
        <h2>Affected Servers ({{ affected_vulns | length }})</h2>
        <div class="header-actions">
            {% set open_count = affected_vulns | selectattr('is_resolved', 'false') | selectattr('is_acknowledged', 'false') | list | length %}
            {% set unresolved_count = affected_vulns | selectattr('is_resolved', 'false') | list | length %}
            
            {% if open_count > 0 %}
            <form action="{{ url_for('cve.cve_detail', cve_id=cve.cve_id if cve else cve_id) }}" method="POST" style="display: inline;">
                <button type="submit" class="btn btn-sm btn-secondary" onclick="return confirm('Acknowledge this vulnerability on all {{ open_count }} unacknowledged servers?')">
                    ✓ Acknowledge All ({{ open_count }})
                </button>
            </form>
            {% endif %}
            
            {% if unresolved_count > 0 %}
            <form action="{{ url_for('cve.cve_detail', cve_id=cve.cve_id if cve else cve_id) }}" method="POST" style="display: inline;">
                <button type="submit" class="btn btn-sm btn-success" onclick="return confirm('Mark this vulnerability as resolved on all {{ unresolved_count }} servers?')">
                    ✔ Resolve All ({{ unresolved_count }})
                </button>
            </form>
            {% endif %}
        </div>
    </div>
    <div class="card-body">
        {% if affected_vulns %}
        <table class="table">
            <thead>
                <tr>
                    <th>Server</th>
                    <th>Hostname</th>
                    <th>Service</th>
                    <th>Port</th>
                    <th>First Detected</th>
                    <th>Status</th>
                    <th>Actions</th>
                </tr>
            </thead>
            <tbody>
                {% for vuln in affected_vulns %}
                <tr class="{% if vuln.is_acknowledged %}acknowledged{% endif %} {% if vuln.is_resolved %}resolved{% endif %}">
                    <td>
                        <a href="{{ url_for('servers.server_detail', server_id=vuln.server_id) }}">
                            {{ vuln.server.ip_address }}
                        </a>
                    </td>
                    <td>{{ vuln.server.hostname or '-' }}</td>
                    <td>{{ vuln.affected_service or '-' }}</td>
                    <td>{{ vuln.affected_port or '-' }}</td>
                    <td>{{ vuln.first_detected.strftime('%Y-%m-%d %H:%M') if vuln.first_detected else '-' }}</td>
                    <td>
                        {% if vuln.is_resolved %}
                            <span class="badge badge-success">Resolved</span>
                            {% if vuln.resolved_reason %}
                            <small class="text-muted">({{ vuln.resolved_reason }})</small>
                            {% endif %}
                        {% elif vuln.is_acknowledged %}
                            <span class="badge badge-warning">Acknowledged</span>
                        {% else %}
                            <span class="badge badge-danger">Open</span>
                        {% endif %}
                    </td>
                    <td class="actions">
                        {% if not vuln.is_resolved %}
                            {% if not vuln.is_acknowledged %}
                            <button type="button" class="btn btn-sm btn-secondary" title="Acknowledge"
                                onclick="showAcknowledgeModal({{ vuln.id }}, '{{ vuln.server.ip_address }}')">✓</button>
                            {% endif %}
                            <button type="button" class="btn btn-sm btn-success" title="Mark Resolved"
                                onclick="showResolveModal({{ vuln.id }}, '{{ vuln.server.ip_address }}')">✔</button>
                        {% else %}
                            <span class="text-muted">{{ vuln.resolved_at.strftime('%Y-%m-%d') if vuln.resolved_at else '' }}</span>
                        {% endif %}
                    </td>
                </tr>
                {% endfor %}
            </tbody>
        </table>
        {% else %}
        <p class="empty-state">No servers are currently affected by this CVE.</p>
        {% endif %}
    </div>
</div>

<div class="card">
    <div class="card-header">
        <h2>References</h2>
    </div>
    <div class="card-body">
        <ul>
            <li><a href="https://nvd.nist.gov/vuln/detail/{{ cve.cve_id if cve else cve_id }}" target="_blank">NVD - {{ cve.cve_id if cve else cve_id }}</a></li>
            <li><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name={{ cve.cve_id if cve else cve_id }}" target="_blank">MITRE - {{ cve.cve_id if cve else cve_id }}</a></li>
            <li><a href="https://www.google.com/search?q={{ cve.cve_id if cve else cve_id }}+patch" target="_blank">Search for patches</a></li>
            {% if cve and cve.references %}
            {% for ref in cve.references[:5] %}
            <li><a href="{{ ref }}" target="_blank">{{ ref | truncate(60) }}</a></li>
            {% endfor %}
            {% endif %}
        </ul>
    </div>
</div>

<style>
.recommendation {
    background: var(--bg-secondary);
    padding: 1rem;
    border-radius: 8px;
    margin-top: 1rem;
}
tr.acknowledged {
    opacity: 0.7;
}
tr.resolved {
    opacity: 0.5;
}
.header-actions {
    display: flex;
    gap: 0.5rem;
}
.badge-success {
    background: var(--success);
}
.badge-warning {
    background: #f59e0b;
}
.badge-danger {
    background: var(--danger);
}
.affected-products code {
    font-size: 0.85em;
    background: var(--bg-secondary);
    padding: 0.2em 0.4em;
    border-radius: 4px;
}
.modal {
    position: fixed;
    top: 0;
    left: 0;
    width: 100%;
    height: 100%;
    background: rgba(0, 0, 0, 0.6);
    z-index: 1000;
    display: flex;
    align-items: center;
    justify-content: center;
}
.modal-content {
    background: var(--bg-primary);
    border-radius: 8px;
    width: 90%;
    max-width: 500px;
    box-shadow: 0 4px 20px rgba(0, 0, 0, 0.3);
}
.modal-header {
    display: flex;
    justify-content: space-between;
    align-items: center;
    padding: 1rem 1.5rem;
    border-bottom: 1px solid var(--border);
}
.modal-header h3 {
    margin: 0;
}
.modal-close {
    background: none;
    border: none;
    font-size: 1.5rem;
    cursor: pointer;
    color: var(--text-muted);
}
.modal-close:hover {
    color: var(--text-primary);
}
.modal-body {
    padding: 1.5rem;
}
.modal-footer {
    padding: 1rem 1.5rem;
    border-top: 1px solid var(--border);
    display: flex;
    justify-content: flex-end;
    gap: 0.5rem;
}
</style>

<!-- Acknowledge Modal -->
<div id="acknowledge-modal" class="modal" style="display: none;">
    <div class="modal-content">
        <div class="modal-header">
            <h3>Acknowledge Vulnerability</h3>
            <button type="button" class="modal-close" onclick="closeModal('acknowledge-modal')">&times;</button>
        </div>
        <form id="acknowledge-form" method="POST">
            <input type="hidden" name="redirect" value="{{ request.url }}">
            <div class="modal-body">
                <p>Acknowledging {{ cve.cve_id if cve else cve_id }} on: <strong id="ack-vuln-name"></strong></p>
                <div class="form-group">
                    <label for="ack-reason">Reason / Notes</label>
                    <textarea id="ack-reason" name="reason" rows="3" 
                        placeholder="e.g., Reviewed - low risk in our environment"></textarea>
                </div>
            </div>
            <div class="modal-footer">
                <button type="button" class="btn btn-secondary" onclick="closeModal('acknowledge-modal')">Cancel</button>
                <button type="submit" class="btn btn-primary">Acknowledge</button>
            </div>
        </form>
    </div>
</div>

<!-- Resolve Modal -->
<div id="resolve-modal" class="modal" style="display: none;">
    <div class="modal-content">
        <div class="modal-header">
            <h3>Resolve Vulnerability</h3>
            <button type="button" class="modal-close" onclick="closeModal('resolve-modal')">&times;</button>
        </div>
        <form id="resolve-form" method="POST">
            <input type="hidden" name="redirect" value="{{ request.url }}">
            <div class="modal-body">
                <p>Resolving {{ cve.cve_id if cve else cve_id }} on: <strong id="resolve-vuln-name"></strong></p>
                <div class="form-group">
                    <label for="resolve-reason">Resolution Reason</label>
                    <select id="resolve-reason" name="reason">
                        <option value="patched">Patched - Applied security update</option>
                        <option value="mitigated">Mitigated - Applied workaround</option>
                        <option value="false_positive">False Positive - Not actually vulnerable</option>
                        <option value="accepted_risk">Accepted Risk - Will not fix</option>
                    </select>
                </div>
                <div class="form-group">
                    <label for="resolve-notes">Notes (optional)</label>
                    <textarea id="resolve-notes" name="notes" rows="2" 
                        placeholder="e.g., Updated package to latest version"></textarea>
                </div>
            </div>
            <div class="modal-footer">
                <button type="button" class="btn btn-secondary" onclick="closeModal('resolve-modal')">Cancel</button>
                <button type="submit" class="btn btn-success">Mark Resolved</button>
            </div>
        </form>
    </div>
</div>

<script>
function showAcknowledgeModal(vulnId, serverIp) {
    document.getElementById('ack-vuln-name').textContent = serverIp;
    document.getElementById('acknowledge-form').action = '/vulnerabilities/' + vulnId + '/acknowledge';
    document.getElementById('ack-reason').value = '';
    document.getElementById('acknowledge-modal').style.display = 'flex';
}

function showResolveModal(vulnId, serverIp) {
    document.getElementById('resolve-vuln-name').textContent = serverIp;
    document.getElementById('resolve-form').action = '/vulnerabilities/' + vulnId + '/resolve';
    document.getElementById('resolve-reason').value = 'patched';
    document.getElementById('resolve-notes').value = '';
    document.getElementById('resolve-modal').style.display = 'flex';
}

function closeModal(modalId) {
    document.getElementById(modalId).style.display = 'none';
}

document.addEventListener('keydown', function(e) {
    if (e.key === 'Escape') {
        document.querySelectorAll('.modal').forEach(m => m.style.display = 'none');
    }
});

document.querySelectorAll('.modal').forEach(modal => {
    modal.addEventListener('click', function(e) {
        if (e.target === this) {
            this.style.display = 'none';
        }
    });
});
</script>
{% endblock %}