import unittest

from fastapi.testclient import TestClient

from admin_app.api.dependencies import get_current_staff_principal
from admin_app.app_factory import create_app
from admin_app.core import AdminSettings, AuthenticatedStaffPrincipal
from shared.contracts import StaffRole


class AdminToolsWebTests(unittest.TestCase):
    def _build_client_with_role(
        self,
        role: StaffRole,
        settings: AdminSettings | None = None,
    ) -> tuple[TestClient, object]:
        app = create_app(
            settings
            or AdminSettings(
                admin_auth_token_secret="test-secret",
                admin_api_prefix="/admin",
            )
        )
        app.dependency_overrides[get_current_staff_principal] = lambda: AuthenticatedStaffPrincipal(
            id=11,
            email="staff@empresa.com",
            display_name="Equipe de Tools",
            role=role,
            is_active=True,
        )
        return TestClient(app), app

    def test_tools_overview_requires_manage_tool_drafts_permission(self):
        client, app = self._build_client_with_role(StaffRole.VIEWER)
        try:
            response = client.get("/admin/tools/overview", headers={"Authorization": "Bearer token"})
        finally:
            app.dependency_overrides.clear()

        self.assertEqual(response.status_code, 403)
        self.assertEqual(
            response.json()["detail"],
            "Permissao administrativa insuficiente: 'manage_tool_drafts'.",
        )

    def test_tools_overview_returns_metrics_workflow_and_actions(self):
        client, app = self._build_client_with_role(StaffRole.STAFF)
        try:
            response = client.get("/admin/tools/overview", headers={"Authorization": "Bearer token"})
        finally:
            app.dependency_overrides.clear()

        self.assertEqual(response.status_code, 200)
        payload = response.json()
        self.assertEqual(payload["service"], "orquestrador-admin")
        self.assertEqual(payload["mode"], "bootstrap_catalog")
        self.assertEqual(payload["metrics"][0]["value"], "18")
        self.assertIn("active", [item["code"] for item in payload["workflow"]])
        self.assertIn("/admin/tools/contracts", [item["href"] for item in payload["actions"]])
        self.assertIn("ToolDraft", payload["next_steps"][0])

    def test_tools_contracts_return_shared_contract_snapshot(self):
        client, app = self._build_client_with_role(StaffRole.STAFF)
        try:
            response = client.get("/admin/tools/contracts", headers={"Authorization": "Bearer token"})
        finally:
            app.dependency_overrides.clear()

        self.assertEqual(response.status_code, 200)
        payload = response.json()
        self.assertEqual(payload["publication_source_service"], "admin")
        self.assertEqual(payload["publication_target_service"], "product")
        self.assertIn("draft", [item["code"] for item in payload["lifecycle_statuses"]])
        self.assertIn("string", [item["code"] for item in payload["parameter_types"]])
        self.assertIn("published_tool", payload["publication_fields"])

    def test_tools_drafts_return_empty_state_until_persistence_exists(self):
        client, app = self._build_client_with_role(StaffRole.STAFF)
        try:
            response = client.get("/admin/tools/drafts", headers={"Authorization": "Bearer token"})
        finally:
            app.dependency_overrides.clear()

        self.assertEqual(response.status_code, 200)
        payload = response.json()
        self.assertEqual(payload["storage_status"], "pending_persistence")
        self.assertEqual(payload["drafts"], [])
        self.assertEqual(payload["supported_statuses"], ["draft"])

    def test_tools_review_queue_is_available_for_staff(self):
        client, app = self._build_client_with_role(StaffRole.STAFF)
        try:
            response = client.get("/admin/tools/review-queue", headers={"Authorization": "Bearer token"})
        finally:
            app.dependency_overrides.clear()

        self.assertEqual(response.status_code, 200)
        payload = response.json()
        self.assertEqual(payload["queue_mode"], "bootstrap_empty_state")
        self.assertEqual(payload["items"], [])
        self.assertIn("validated", payload["supported_statuses"])

    def test_tools_publications_require_publish_tools_permission(self):
        client, app = self._build_client_with_role(StaffRole.STAFF)
        try:
            response = client.get("/admin/tools/publications", headers={"Authorization": "Bearer token"})
        finally:
            app.dependency_overrides.clear()

        self.assertEqual(response.status_code, 403)
        self.assertEqual(
            response.json()["detail"],
            "Permissao administrativa insuficiente: 'publish_tools'.",
        )

    def test_tools_publications_return_bootstrap_catalog_for_admin(self):
        client, app = self._build_client_with_role(StaffRole.ADMIN)
        try:
            response = client.get("/admin/tools/publications", headers={"Authorization": "Bearer token"})
        finally:
            app.dependency_overrides.clear()

        self.assertEqual(response.status_code, 200)
        payload = response.json()
        self.assertEqual(payload["source"], "bootstrap_catalog")
        self.assertEqual(payload["target_service"], "product")
        self.assertGreaterEqual(len(payload["publications"]), 10)
        self.assertIn("consultar_estoque", [item["tool_name"] for item in payload["publications"]])
        first = payload["publications"][0]
        self.assertEqual(first["status"], "active")
        self.assertEqual(first["implementation_module"], "app.services.tools.handlers")


if __name__ == "__main__":
    unittest.main()