def test_verify_internal_token_requires_env_by_default(monkeypatch):
    import services.code_review_pipeline_service as module

    monkeypatch.setattr(module, "INTERNAL_TOKEN", "")
    monkeypatch.setattr(module, "ALLOW_INSECURE_WEBHOOK", False)

    assert module.verify_internal_token("") is False
    assert module.verify_internal_token("anything") is False


def test_verify_internal_token_allows_explicit_dev_override(monkeypatch):
    import services.code_review_pipeline_service as module

    monkeypatch.setattr(module, "INTERNAL_TOKEN", "")
    monkeypatch.setattr(module, "ALLOW_INSECURE_WEBHOOK", True)

    assert module.verify_internal_token("") is True


def test_code_review_guard_blocks_high_risk_auto_fix(monkeypatch):
    import services.code_review_pipeline_service as module

    monkeypatch.setattr(module, "AUTO_FIX_ENABLED", True)
    pipeline = module.CodeReviewPipeline("abcdef123456", ["services/example.py"])
    pipeline.state["severity_summary"] = {"critical": 0, "high": 1, "medium": 0, "low": 0}

    guarded = pipeline._guard_ea_decision(
        {"priority": "high", "auto_fix": True, "reasoning": "建議修復", "fix_files": ["services/example.py"]},
        [{"severity": "HIGH", "file": "services/example.py"}],
    )

    assert guarded["auto_fix"] is False
    assert guarded["human_review_needed"] is True


def test_code_review_guard_requires_auto_fix_feature_flag(monkeypatch):
    import services.code_review_pipeline_service as module

    monkeypatch.setattr(module, "AUTO_FIX_ENABLED", False)
    pipeline = module.CodeReviewPipeline("abcdef123456", ["services/example.py"])
    pipeline.state["severity_summary"] = {"critical": 0, "high": 0, "medium": 1, "low": 0}

    guarded = pipeline._guard_ea_decision(
        {"priority": "medium", "auto_fix": True, "reasoning": "建議修復", "fix_files": ["services/example.py"]},
        [{"severity": "MEDIUM", "file": "services/example.py"}],
    )

    assert guarded["auto_fix"] is False
    assert guarded["human_review_needed"] is True