from __future__ import annotations

import json

import pytest

from src.services.dependency_upgrade_approval_package_template import (
    load_latest_dependency_upgrade_approval_package_template,
)


def test_load_latest_dependency_upgrade_approval_package_template_reads_newest_file(tmp_path):
    older = _snapshot(generated_at="2026-06-03T00:00:00+08:00", completion=99)
    newer = _snapshot(generated_at="2026-06-04T00:00:00+08:00", completion=100)
    (tmp_path / "dependency_upgrade_approval_package_template_2026-06-03.json").write_text(
        json.dumps(older),
        encoding="utf-8",
    )
    (tmp_path / "dependency_upgrade_approval_package_template_2026-06-04.json").write_text(
        json.dumps(newer),
        encoding="utf-8",
    )

    loaded = load_latest_dependency_upgrade_approval_package_template(tmp_path)

    assert loaded["generated_at"] == "2026-06-04T00:00:00+08:00"
    assert loaded["program_status"]["overall_completion_percent"] == 100
    assert loaded["rollups"]["total_templates"] == 2
    assert loaded["operation_boundaries"]["package_upgrade_allowed"] is False


def test_dependency_upgrade_approval_package_template_requires_read_only_mode(tmp_path):
    snapshot = _snapshot()
    snapshot["program_status"]["read_only_mode"] = False
    (tmp_path / "dependency_upgrade_approval_package_template_2026-06-04.json").write_text(
        json.dumps(snapshot),
        encoding="utf-8",
    )

    with pytest.raises(ValueError, match="read_only_mode"):
        load_latest_dependency_upgrade_approval_package_template(tmp_path)


def test_dependency_upgrade_approval_package_template_requires_blocked_operations(tmp_path):
    snapshot = _snapshot()
    snapshot["operation_boundaries"]["lockfile_write_allowed"] = True
    (tmp_path / "dependency_upgrade_approval_package_template_2026-06-04.json").write_text(
        json.dumps(snapshot),
        encoding="utf-8",
    )

    with pytest.raises(ValueError, match="operation boundaries"):
        load_latest_dependency_upgrade_approval_package_template(tmp_path)


def test_dependency_upgrade_approval_package_template_requires_total_consistency(tmp_path):
    snapshot = _snapshot()
    snapshot["rollups"]["total_templates"] = 999
    (tmp_path / "dependency_upgrade_approval_package_template_2026-06-04.json").write_text(
        json.dumps(snapshot),
        encoding="utf-8",
    )

    with pytest.raises(ValueError, match="total_templates"):
        load_latest_dependency_upgrade_approval_package_template(tmp_path)


def test_dependency_upgrade_approval_package_template_requires_ready_id_consistency(tmp_path):
    snapshot = _snapshot()
    snapshot["rollups"]["template_ready_ids"] = []
    (tmp_path / "dependency_upgrade_approval_package_template_2026-06-04.json").write_text(
        json.dumps(snapshot),
        encoding="utf-8",
    )

    with pytest.raises(ValueError, match="template_ready_ids"):
        load_latest_dependency_upgrade_approval_package_template(tmp_path)


def test_dependency_upgrade_approval_package_template_requires_hitl_consistency(tmp_path):
    snapshot = _snapshot()
    snapshot["rollups"]["hitl_required_template_ids"] = []
    (tmp_path / "dependency_upgrade_approval_package_template_2026-06-04.json").write_text(
        json.dumps(snapshot),
        encoding="utf-8",
    )

    with pytest.raises(ValueError, match="hitl_required_template_ids"):
        load_latest_dependency_upgrade_approval_package_template(tmp_path)


def test_dependency_upgrade_approval_package_template_requires_hitl_gate(tmp_path):
    snapshot = _snapshot()
    snapshot["decision_gate_contract"]["hitl_required"] = False
    (tmp_path / "dependency_upgrade_approval_package_template_2026-06-04.json").write_text(
        json.dumps(snapshot),
        encoding="utf-8",
    )

    with pytest.raises(ValueError, match="hitl_required"):
        load_latest_dependency_upgrade_approval_package_template(tmp_path)


def test_dependency_upgrade_approval_package_template_fails_when_missing(tmp_path):
    with pytest.raises(FileNotFoundError):
        load_latest_dependency_upgrade_approval_package_template(tmp_path)


def _snapshot(
    *,
    generated_at: str = "2026-06-04T00:00:00+08:00",
    completion: int = 100,
) -> dict:
    return {
        "schema_version": "dependency_upgrade_approval_package_template_v1",
        "generated_at": generated_at,
        "program_status": {
            "overall_completion_percent": completion,
            "current_priority": "P1",
            "current_task_id": "P1-206",
            "next_task_id": "P1-103",
            "read_only_mode": True,
        },
        "source_refs": ["docs/evaluations/dependency_drift_check_plan_2026-06-04.json"],
        "rollups": {
            "total_templates": 2,
            "by_domain": {"python": 1, "docker": 1},
            "template_ready_ids": [
                "python_manifest_authority_package",
                "docker_base_digest_pin_package",
            ],
            "hitl_required_template_ids": [
                "python_manifest_authority_package",
                "docker_base_digest_pin_package",
            ],
        },
        "approval_fields": [
            {
                "field_id": "evidence_refs",
                "required": True,
                "description": "evidence",
            }
        ],
        "package_templates": [
            _template("python_manifest_authority_package", "python", "openclaw"),
            _template("docker_base_digest_pin_package", "docker", "openclaw"),
        ],
        "decision_gate_contract": {
            "openclaw_role": "arbitrate",
            "hermes_role": "summarize",
            "nemotron_role": "offline compare",
            "hitl_required": True,
            "expires_after": "7 days",
        },
        "operation_boundaries": {
            "read_only_template_allowed": True,
            "external_source_activation_allowed": False,
            "sdk_installation_allowed": False,
            "paid_api_call_allowed": False,
            "package_installation_allowed": False,
            "package_upgrade_allowed": False,
            "lockfile_write_allowed": False,
            "manifest_write_allowed": False,
            "dockerfile_write_allowed": False,
            "docker_build_allowed": False,
            "image_pull_allowed": False,
            "image_rebuild_allowed": False,
            "registry_push_allowed": False,
            "package_publish_allowed": False,
            "shadow_or_canary_allowed": False,
            "production_routing_allowed": False,
        },
        "approval_boundaries": {
            "sdk_installation_allowed": False,
            "paid_api_call_allowed": False,
            "shadow_or_canary_allowed": False,
            "production_routing_allowed": False,
            "destructive_operation_allowed": False,
        },
    }


def _template(template_id: str, domain: str, owner_agent: str) -> dict:
    return {
        "template_id": template_id,
        "domain": domain,
        "status": "template_ready",
        "owner_agent": owner_agent,
        "purpose": "approval package",
        "required_evidence": ["docs/evaluations/dependency_risk_policy_2026-06-04.json"],
        "required_decisions": ["approve or reject"],
        "required_tests": ["schema validation"],
        "rollback_requirements": ["revert patch"],
        "manual_approvals": ["OpenClaw arbitration", "HITL approval"],
        "prohibited_without_approval": ["package upgrade"],
        "evidence_refs": ["docs/evaluations/dependency_drift_check_plan_2026-06-04.json"],
    }