*** Settings ***
Documentation    Lightweight wrappers around RequestsLibrary that auto-inject
...              the CSRF X-BanGUI-Request header and rotate X-Forwarded-For
...              to bypass per-IP rate limits. Requires a logged-in session
...              named 'bangsess' (created via Login Via HTTP in auth.resource).

*** Keywords ***
Build Headers
    [Documentation]    Returns a headers dict with X-BanGUI-Request always set
    ...                and X-Forwarded-For rotated if ${XFF_HEADER} is set.
    [Arguments]    ${extra_headers}=${None}
    ${headers}=    Create Dictionary    X-BanGUI-Request    1
    IF    "${XFF_HEADER}" != ""
        Set To Dictionary    ${headers}    X-Forwarded-For    ${XFF_HEADER}
    END
    IF    "${extra_headers}" != "${None}"
        FOR    ${key}    IN    @{extra_headers.keys()}
            Set To Dictionary    ${headers}    ${key}    ${extra_headers}[${key}]
        END
    END
    RETURN    ${headers}

Api Get
    [Documentation]    GET wrapper that injects CSRF + XFF headers.
    [Arguments]    ${url_path}    ${expected_status}=200    ${params}=${None}
    ${headers}=    Build Headers
    ${kwargs}=    Create Dictionary    headers    ${headers}    expected_status    ${expected_status}
    IF    "${params}" != "${None}"
        Set To Dictionary    ${kwargs}    params    ${params}
    END
    ${resp}=    GET On Session    bangsess    ${url_path}    &{kwargs}
    RETURN    ${resp}

Api Post
    [Documentation]    POST wrapper that injects CSRF + XFF headers.
    [Arguments]    ${url_path}    ${payload}=${EMPTY}    ${expected_status}=200
    ${headers}=    Build Headers
    IF    "${payload}" != "${EMPTY}"
        ${resp}=    POST On Session    bangsess    ${url_path}
        ...    json=${payload}    headers=${headers}    expected_status=${expected_status}
    ELSE
        ${resp}=    POST On Session    bangsess    ${url_path}
        ...    headers=${headers}    expected_status=${expected_status}
    END
    RETURN    ${resp}

Api Put
    [Documentation]    PUT wrapper that injects CSRF + XFF headers.
    [Arguments]    ${url_path}    ${payload}    ${expected_status}=200
    ${headers}=    Build Headers
    ${resp}=    PUT On Session    bangsess    ${url_path}
    ...    json=${payload}    headers=${headers}    expected_status=${expected_status}
    RETURN    ${resp}

Api Delete
    [Documentation]    DELETE wrapper that injects CSRF + XFF headers.
    [Arguments]    ${url_path}    ${payload}=${EMPTY}    ${expected_status}=200
    ${headers}=    Build Headers
    IF    "${payload}" != "${EMPTY}"
        ${resp}=    DELETE On Session    bangsess    ${url_path}
        ...    json=${payload}    headers=${headers}    expected_status=${expected_status}
    ELSE
        ${resp}=    DELETE On Session    bangsess    ${url_path}
        ...    headers=${headers}    expected_status=${expected_status}
    END
    RETURN    ${resp}

Status Is Acceptable
    [Documentation]    Returns True if the response status is one of the accepted codes.
    [Arguments]    ${response}    @{accepted_codes}
    ${ok}=    Set Variable    ${FALSE}
    FOR    ${code}    IN    @{accepted_codes}
        IF    ${response.status_code} == ${code}
            ${ok}=    Set Variable    ${TRUE}
            EXIT FOR LOOP
        END
    END
    RETURN    ${ok}