variable "rg_name" {
  type = string
}

variable "location" {
  type = string
}

variable "base_name" {
  type    = string
  default = null
}

variable "name" {
  type    = string
  default = null

  validation {
    condition = (
      (var.name != null && trimspace(var.name) != "") ||
      (var.base_name != null && trimspace(var.base_name) != "")
    )
    error_message = "Provide name or base_name with a non-empty value."
  }
}

variable "sku" {
  type    = string
  default = "Standard"

  validation {
    condition     = contains(["Standard", "RS0"], var.sku)
    error_message = "sku must be one of 'Standard' or 'RS0'."
  }
}

variable "storage_mode_type" {
  type    = string
  default = "LocallyRedundant"

  validation {
    condition     = contains(["GeoRedundant", "LocallyRedundant", "ZoneRedundant"], var.storage_mode_type)
    error_message = "storage_mode_type must be one of 'GeoRedundant', 'LocallyRedundant', or 'ZoneRedundant'."
  }
}

variable "cross_region_restore_enabled" {
  type    = bool
  default = false

  validation {
    condition     = var.cross_region_restore_enabled == false || var.storage_mode_type == "GeoRedundant"
    error_message = "cross_region_restore_enabled can only be true when storage_mode_type is 'GeoRedundant'."
  }
}

variable "soft_delete_enabled" {
  type    = bool
  default = true
}

variable "public_network_access_enabled" {
  type    = bool
  default = true
}

variable "immutability" {
  type    = string
  default = "Disabled"

  validation {
    condition     = contains(["Disabled", "Locked", "Unlocked"], var.immutability)
    error_message = "immutability must be one of 'Disabled', 'Locked', or 'Unlocked'."
  }
}

variable "identity" {
  type = object({
    type         = string
    identity_ids = optional(list(string))
  })
  default = null

  validation {
    condition = (
      var.identity == null ||
      contains([
        "SystemAssigned",
        "UserAssigned",
        "SystemAssigned, UserAssigned",
      ], var.identity.type)
    )
    error_message = "identity.type must be one of 'SystemAssigned', 'UserAssigned', or 'SystemAssigned, UserAssigned'."
  }

  validation {
    condition = (
      var.identity == null ||
      var.identity.type == "SystemAssigned" ||
      length(try(var.identity.identity_ids, [])) > 0
    )
    error_message = "identity.identity_ids must be provided when identity.type includes 'UserAssigned'."
  }
}

variable "tags" {
  type    = map(string)
  default = {}
}

variable "vm_backup_policies" {
  type = map(object({
    name                          = optional(string)
    policy_type                   = optional(string)
    timezone                      = optional(string)
    instant_restore_retention_days = optional(number)

    backup = object({
      frequency     = string
      time          = string
      hour_interval = optional(number)
      hour_duration = optional(number)
      weekdays      = optional(list(string))
    })

    retention_daily = optional(object({
      count = number
    }))

    retention_weekly = optional(object({
      count    = number
      weekdays = list(string)
    }))

    retention_monthly = optional(object({
      count             = number
      weekdays          = optional(list(string))
      weeks             = optional(list(string))
      days              = optional(list(number))
      include_last_days = optional(bool)
    }))

    retention_yearly = optional(object({
      count             = number
      months            = list(string)
      weekdays          = optional(list(string))
      weeks             = optional(list(string))
      days              = optional(list(number))
      include_last_days = optional(bool)
    }))
  }))
  default = {}

  validation {
    condition = alltrue([
      for policy in values(var.vm_backup_policies) : contains(["V1", "V2"], coalesce(try(policy.policy_type, null), "V2"))
    ])
    error_message = "Each vm_backup_policies[*].policy_type must be 'V1' or 'V2' when set."
  }
}

variable "protected_vms" {
  type = map(object({
    source_vm_id      = string
    backup_policy_key = optional(string)
    include_disk_luns = optional(list(number))
    exclude_disk_luns = optional(list(number))
    protection_state  = optional(string)
  }))
  default = {}

  validation {
    condition = alltrue([
      for vm in values(var.protected_vms) : (
        try(vm.backup_policy_key, null) == null ||
        contains(
          keys(length(var.vm_backup_policies) > 0 ? var.vm_backup_policies : { default = {} }),
          vm.backup_policy_key
        )
      )
    ])
    error_message = "Each protected_vms[*].backup_policy_key must exist in vm_backup_policies."
  }

  validation {
    condition = alltrue([
      for vm in values(var.protected_vms) : (
        try(vm.protection_state, null) == null ||
        contains(["Protected", "BackupsSuspended", "ProtectionStopped"], vm.protection_state)
      )
    ])
    error_message = "Each protected_vms[*].protection_state must be one of 'Protected', 'BackupsSuspended', or 'ProtectionStopped' when set."
  }
}