from src.services.ai_agent_autonomous_runtime_control import (
    build_ai_agent_autonomous_runtime_control,
)


def test_ai_agent_autonomous_runtime_control_uses_current_owner_directive():
    data = build_ai_agent_autonomous_runtime_control()

    assert data["schema_version"] == "ai_agent_autonomous_runtime_control_v1"
    assert data["program_status"]["runtime_authority"] == (
        "current_owner_directive_controlled_ai_automation"
    )
    assert data["program_status"]["deploy_readback_marker"] == (
        "p2_416_d1n_autonomous_runtime_control_prod_readback_v2"
    )
    assert data["program_status"]["deploy_attempt_note"] == (
        "cd_3673_retry_after_host_pressure_gate_fix"
    )
    assert data["program_status"]["legacy_no_send_no_live_rules_overridden"] is True
    assert data["program_status"]["implementation_completion_percent"] == 88
    assert data["current_policy"]["low_risk_controlled_apply_allowed"] is True
    assert data["current_policy"]["medium_risk_controlled_apply_allowed"] is True
    assert data["current_policy"]["high_risk_controlled_apply_allowed"] is True
    assert data["current_policy"]["owner_review_required_for_low_medium_high"] is False
    assert data["current_policy"]["telegram_gateway_required"] is True
    assert data["current_policy"]["direct_bot_api_allowed"] is False
    assert data["current_policy"]["post_apply_verifier_required"] is True
    assert data["current_policy"]["km_learning_writeback_required"] is True


def test_ai_agent_autonomous_runtime_control_exposes_reports_and_executor_receipts():
    data = build_ai_agent_autonomous_runtime_control()

    cadences = {item["cadence"]: item for item in data["report_delivery"]["cadences"]}
    assert set(cadences) == {"daily", "weekly", "monthly"}
    assert {item["telegram_gateway_delivery_enabled"] for item in cadences.values()} == {True}
    assert {item["direct_bot_api_allowed"] for item in cadences.values()} == {False}
    assert "run_daily_report_loop" in cadences["daily"]["worker"]
    assert "run_weekly_report_loop" in cadences["weekly"]["worker"]
    assert "run_monthly_report_loop" in cadences["monthly"]["worker"]

    operation_types = {
        item["operation_type"]
        for item in data["controlled_executor"]["operation_receipts"]
    }
    assert {
        "ansible_candidate_matched",
        "ansible_check_mode_executed",
        "ansible_apply_executed",
        "incident_evidence.post_execution_state",
        "knowledge_entries",
    }.issubset(operation_types)
    assert data["rollups"]["automated_risk_tier_count"] == 3
    assert data["rollups"]["report_cadence_enabled_count"] == 3
    assert data["rollups"]["direct_bot_api_allowed_count"] == 0
    assert data["rollups"]["legacy_policy_overridden_count"] >= 4


def test_ai_agent_autonomous_runtime_control_keeps_hard_blockers_and_redaction():
    data = build_ai_agent_autonomous_runtime_control()

    assert "secret_token_private_key_cookie_session_auth_header_cleartext" in data["hard_blockers"]
    assert "drop_truncate_restore_prune_destructive_database_operation" in data["hard_blockers"]
    assert "force_push_delete_repo_refs_or_visibility_change" in data["hard_blockers"]
    visibility = data["visibility_contract"]
    assert visibility["work_window_transcript_display_allowed"] is False
    assert visibility["prompt_body_display_allowed"] is False
    assert visibility["internal_reasoning_display_allowed"] is False
    assert visibility["sensitive_value_display_allowed"] is False
    assert visibility["telegram_unredacted_payload_display_allowed"] is False