#!/bin/bash
# PreToolUse enforcement: deep analysis + clarifying questions before any PWA edit.
# Blocks Edit/Write on index.html or sw.js until per-terminal clearance marker exists.
#
# Marker is per-terminal (uses process session ID so each terminal gets its own file).
# Marker path: /tmp/360lm_prebuild_<SID>   (valid 2 hours)
#
# To unblock after completing analysis:  touch /tmp/360lm_prebuild_<SID>
#   (the blocked message prints the exact path for this terminal)
# To force re-analysis for a new task:   rm -f /tmp/360lm_prebuild_<SID>

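# Target path of the pending tool call, read from the JSON tool input.
# printf (not echo) feeds the payload verbatim: echo would reinterpret a
# payload that happens to start with "-n"/"-e".
# NOTE(review): assumes the harness exports the tool input as JSON in
# CLAUDE_TOOL_INPUT — confirm against the hook configuration.
# NOTE(review): a parse failure (python3 missing, malformed JSON) is
# swallowed by 2>/dev/null, FILE ends up empty and the hook exits 0 below,
# i.e. it fails open. If this hook is wired to Edit/Write only, consider
# treating a non-zero python3 status as a block instead.
FILE=$(printf '%s' "$CLAUDE_TOOL_INPUT" | python3 -c \
  "import sys,json; d=json.load(sys.stdin); print(d.get('file_path',''))" 2>/dev/null)

# Canonicalise before matching so '.', '..', symlinks and relative paths
# cannot sidestep the pattern below. -m keeps this working for files that do
# not exist yet (a Write creating a fresh sw.js); if realpath is unavailable
# the raw path is matched as before.
if [ -n "$FILE" ]; then
  FILE=$(realpath -m -- "$FILE" 2>/dev/null || printf '%s' "$FILE")
fi

# Only fire for PWA core files. The pattern is kept in a variable so the
# regex is matched by [[ =~ ]] without a grep process and without FILE ever
# being parsed as an option.
readonly PWA_CORE_RE='/var/www/360lm/[^/]+/index\.html$|/var/www/360lm/[^/]+/sw\.js$'
if ! [[ "$FILE" =~ $PWA_CORE_RE ]]; then
  exit 0
fi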

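# Per-terminal session ID: all processes in the same terminal share the same SID
SID=$(ps -o sid= -p $$ 2>/dev/null | tr -d ' ')
# Only a purely numeric SID is accepted; anything else (no ps, unexpected
# output) falls back to one shared marker so the path below stays well-formed.
[[ "$SID" =~ ^[0-9]+$ ]] || SID="shared"
MARKER="/tmp/360lm_prebuild_${SID}"

# Clearance counts only if the marker is a regular file owned by the current
# user. /tmp is world-writable, so a file planted there by another account
# must not be accepted as this terminal's clearance.
if [ -f "$MARKER" ] && [ -O "$MARKER" ]; then
  # If the marker vanishes between the test and stat, MTIME=0 makes the
  # clearance look expired, which is the safe direction.
  MTIME=$(stat -c %Y -- "$MARKER" 2>/dev/null) || MTIME=0
  NOW=$(date +%s)
  AGE=$(( NOW - MTIME ))
  if [ "$AGE" -lt 7200 ]; then
    exit 0
  fi
  # Diagnostics go to stderr so they travel with the blocking exit status.
  printf '⏰ Clearance expired (%d min ago — 2 hr TTL). Re-analysis required.\n' "$(( AGE / 60 ))" >&2
elif [ -e "$MARKER" ]; then
  printf 'Ignoring %s: not a regular file owned by this user.\n' "$MARKER" >&2
fi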

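# Blocking notice. It is written to stderr so it accompanies the non-zero
# exit rather than landing on stdout. The heredoc is intentionally unquoted:
# $MARKER must expand so the printed touch/rm commands are exact for this
# terminal.
cat >&2 <<BLOCK

╔══════════════════════════════════════════════════════════════════════╗
║  🚫  DEEP ANALYSIS REQUIRED — PWA EDIT BLOCKED                      ║
╚══════════════════════════════════════════════════════════════════════╝

Before the first PWA edit of any build / fix / feature / interconnection,
complete ALL steps IN ORDER:

  ① call advisor()
      Full architectural + safety review for this exact task.

  ② call AskUserQuestion  (interactive, minimum 3 questions)
      Cover every applicable category below:

      SCOPE       What screen / feature / flow is being changed?
                  Is this a new build, fix, improvement, or wiring?

      USERS       Who is affected?
                  harish / pramod / field staff / all users?
                  Any role-specific logic or PIN gating involved?

      EDGE CASES  Offline behaviour — what happens without network?
                  Partial completion — what if it fails halfway?
                  PIN / auth flows — any sensitive field changes?

      CROSS-PWA   Does this touch: hub session format, slides-proxy,
                  PostgREST grants, shared SW, or any other PWA?
                  Any trigger / event / shared data dependency?

      DB          Are SQL migrations needed?
                  Will existing rows / views / RPCs be affected?

      ROLLBACK    What breaks if this goes wrong?
                  Is it reversible without a migration?

  ③ After completing ① and ②, unblock THIS terminal with:
        touch $MARKER
      Then retry the edit.

  ─────────────────────────────────────────────────────────────────────
  To force re-analysis for a new task mid-session:
        rm -f $MARKER
  ─────────────────────────────────────────────────────────────────────
  (Each terminal has its own marker — other sessions are unaffected)
  ─────────────────────────────────────────────────────────────────────

BLOCK
# Exit status 2 is what this script relies on to block the tool call
# (assumed to be the blocking status of the hook harness — confirm).
exit 2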
