"""Borra una request REST de una team collection de Hoppscotch.

Invoca la mutation GraphQL deleteRequest del backend self-hosted. Protegida por
GqlAuthGuard: el JWT de sesion viaja en la cookie `access_token`.
"""

import requests

_MUTATION = "mutation($r:ID!){ deleteRequest(requestID:$r) }"


def hoppscotch_delete_request(
    request_id: str,
    *,
    access_token: str,
    backend_url: str = "http://localhost:3170",
) -> dict:
    """Borra una request de Hoppscotch por su ID.

    Args:
        request_id: ID de la request a borrar.
        access_token: JWT de sesion (de hoppscotch_login). Viaja en la cookie
            `access_token`, NO en el header Authorization.
        backend_url: base del backend Hoppscotch (sin barra final).

    Returns:
        Dict. En exito: ``{"status": "ok", "deleted": str}``. En error (GraphQL
        errors, deleteRequest != true, HTTP no 200, transporte):
        ``{"status": "error", "error": str, "data": ...}``.
    """
    payload = {
        "query": _MUTATION,
        "variables": {"r": request_id},
    }

    try:
        resp = requests.post(
            f"{backend_url}/graphql",
            json=payload,
            cookies={"access_token": access_token},
            timeout=30.0,
        )
    except requests.RequestException as exc:
        return {"status": "error", "error": f"transport error: {exc}"}

    try:
        data = resp.json()
    except ValueError:
        return {
            "status": "error",
            "error": f"non-JSON response (HTTP {resp.status_code})",
        }

    if data.get("errors"):
        return {
            "status": "error",
            "error": "graphql errors",
            "data": data,
        }

    deleted = (data.get("data") or {}).get("deleteRequest")
    if deleted is not True:
        return {
            "status": "error",
            "error": "deleteRequest did not return true",
            "data": data,
        }

    return {"status": "ok", "deleted": request_id}