import { expect, test, type Page, type Route } from '@playwright/test';

import type { StubAuthSession } from '../../src/app/testing/auth-fixtures';

const adminSession: StubAuthSession = {
  subjectId: 'operations-e2e-user',
  tenant: 'tenant-default',
  scopes: [
    'admin',
    'ui.read',
    'ui.admin',
    'orch:read',
    'orch:operate',
    'health:read',
    'notify.viewer',
    'policy:read',
  ],
};

const mockConfig = {
  authority: {
    issuer: '/authority',
    clientId: 'stella-ops-ui',
    authorizeEndpoint: '/authority/connect/authorize',
    tokenEndpoint: '/authority/connect/token',
    logoutEndpoint: '/authority/connect/logout',
    redirectUri: 'https://127.0.0.1:4400/auth/callback',
    postLogoutRedirectUri: 'https://127.0.0.1:4400/',
    scope: 'openid profile email ui.read',
    audience: '/gateway',
    dpopAlgorithms: ['ES256'],
    refreshLeewaySeconds: 60,
  },
  apiBaseUrls: {
    authority: '/authority',
    scanner: '/scanner',
    policy: '/policy',
    concelier: '/concelier',
    attestor: '/attestor',
    gateway: '/gateway',
  },
  quickstartMode: true,
  setup: 'complete',
};

async function fulfillJson(route: Route, body: unknown): Promise<void> {
  await route.fulfill({
    status: 200,
    contentType: 'application/json',
    body: JSON.stringify(body),
  });
}

async function navigateClientSide(page: Page, target: string): Promise<void> {
  await page.evaluate((url) => {
    window.history.pushState({}, '', url);
    window.dispatchEvent(new PopStateEvent('popstate', { state: window.history.state }));
  }, target);
}

async function setupHarness(page: Page): Promise<void> {
  await page.addInitScript((session) => {
    (window as { __stellaopsTestSession?: unknown }).__stellaopsTestSession = session;
  }, adminSession);

  await page.route('**/platform/envsettings.json', (route) => fulfillJson(route, mockConfig));
  await page.route('**/config.json', (route) => fulfillJson(route, mockConfig));
  await page.route('**/.well-known/openid-configuration', (route) =>
    fulfillJson(route, {
      issuer: 'https://127.0.0.1:4400/authority',
      authorization_endpoint: 'https://127.0.0.1:4400/authority/connect/authorize',
      token_endpoint: 'https://127.0.0.1:4400/authority/connect/token',
      jwks_uri: 'https://127.0.0.1:4400/authority/.well-known/jwks.json',
      response_types_supported: ['code'],
      subject_types_supported: ['public'],
      id_token_signing_alg_values_supported: ['RS256'],
    })
  );
  await page.route('**/authority/.well-known/jwks.json', (route) => fulfillJson(route, { keys: [] }));
  await page.route('**/console/profile**', (route) =>
    fulfillJson(route, {
      subjectId: adminSession.subjectId,
      username: 'operations-e2e',
      displayName: 'Operations E2E',
      tenant: adminSession.tenant,
      roles: ['admin'],
      scopes: adminSession.scopes,
    })
  );
  await page.route('**/console/token/introspect**', (route) =>
    fulfillJson(route, {
      active: true,
      tenant: adminSession.tenant,
      subject: adminSession.subjectId,
      scopes: adminSession.scopes,
    })
  );
  await page.route('**/api/v2/context/regions', (route) =>
    fulfillJson(route, [{ regionId: 'eu-west', displayName: 'EU West', sortOrder: 1, enabled: true }])
  );
  await page.route('**/api/v2/context/environments**', (route) =>
    fulfillJson(route, [
      {
        environmentId: 'prod',
        regionId: 'eu-west',
        environmentType: 'prod',
        displayName: 'Prod',
        sortOrder: 1,
        enabled: true,
      },
    ])
  );
  await page.route('**/api/v2/context/preferences', (route) =>
    fulfillJson(route, {
      tenantId: adminSession.tenant,
      actorId: adminSession.subjectId,
      regions: ['eu-west'],
      environments: ['prod'],
      timeWindow: '24h',
      stage: 'all',
      updatedAt: '2026-03-07T12:00:00Z',
      updatedBy: adminSession.subjectId,
    })
  );
  await page.route('**/doctor/api/v1/doctor/trends**', (route) => fulfillJson(route, []));
  await page.route('**/api/v1/approvals**', (route) => fulfillJson(route, []));
}

test.beforeEach(async ({ page }) => {
  await setupHarness(page);
});

test('operations overview routes grouped cards into canonical child pages', async ({ page }) => {
  await page.goto('/ops/operations', { waitUntil: 'networkidle' });

  await expect(page.getByTestId('operations-overview')).toBeVisible();
  await expect(page.getByTestId('operations-card-data-integrity')).toBeVisible();

  await page.getByTestId('operations-card-data-integrity').click();
  await expect(page).toHaveURL(/\/ops\/operations\/data-integrity$/);
  await expect(page.getByText('Data Trust Score')).toBeVisible();
});

test('legacy platform ops redirects preserve canonical routes and query state', async ({ page }) => {
  await page.goto('/ops/operations', {
    waitUntil: 'networkidle',
  });

  await navigateClientSide(page, '/platform/ops/feeds-airgap?tab=version-locks');
  await expect(page).toHaveURL(/\/ops\/operations\/feeds-airgap\?tab=version-locks$/);
  await expect(page.getByRole('button', { name: 'Version Locks' })).toHaveClass(/active/);

  await navigateClientSide(page, '/platform-ops/data-integrity/feeds-freshness');
  await expect(page).toHaveURL(/\/ops\/operations\/data-integrity\/feeds-freshness$/);
  await expect(page.getByRole('heading', { name: 'Feeds Freshness' })).toBeVisible();
});