import test from "node:test";
import assert from "node:assert/strict";
import { readFile } from "node:fs/promises";

const panelPath = new URL("../src/components/admin/admin-access-panel.tsx", import.meta.url);

async function readPanelSource() {
  return readFile(panelPath, "utf8");
}

test("AdminAccessPanel is a client antd component without refine antd", async () => {
  const source = await readPanelSource();

  assert.match(source, /["']use client["']/);
  assert.match(source, /export function AdminAccessPanel/);
  assert.doesNotMatch(source, /@refinedev\/antd/);
  for (const component of ["Form", "Card", "Table", "Button", "Select", "Checkbox", "Alert"]) {
    assert.match(source, new RegExp(`\\b${component}\\b`));
  }
});

test("AdminAccessPanel calls the access endpoint for refresh and mutations", async () => {
  const source = await readPanelSource();

  assert.match(source, /\/api\/v1\/admin\/access/);
  assert.match(source, /method:\s*["']POST["']/);
  assert.match(source, /cache:\s*["']no-store["']/);
  for (const action of [
    "upsert_company",
    "set_company_status",
    "assign_account_company",
    "assign_device_company",
    "preview_bulk_import_accounts",
    "bulk_import_accounts",
    "reclaim_account",
    "reset_account_password",
    "set_account_mfa_required",
    "upsert_account",
    "apply_template",
    "grant_device",
    "grant_project",
    "grant_skill",
    "revoke_grant",
    "set_account_status",
  ]) {
    assert.match(source, new RegExp(action));
  }
});

test("AdminAccessPanel exposes company lifecycle controls", async () => {
  const source = await readPanelSource();

  assert.match(source, /公司管理/);
  assert.match(source, /套餐等级/);
  assert.match(source, /合同到期/);
  assert.match(source, /客户成功/);
  assert.match(source, /批量导入账号/);
  assert.match(source, /预览导入/);
  assert.match(source, /CSV/);
  assert.match(source, /parseBulkAccountsCsv/);
  assert.match(source, /离职回收/);
  assert.match(source, /重置密码/);
  assert.match(source, /所属公司/);
});

test("AdminAccessPanel exposes hifi access workspace structure", async () => {
  const source = await readPanelSource();

  assert.match(source, /权限概览/);
  assert.match(source, /关键风险/);
  assert.match(source, /配置负责人\/账号/);
  assert.match(source, /权限删除/);
  assert.match(source, /设备绑定 \/ 范围授权 \/ SLA 授权/);
  assert.match(source, /adminDense/);
});

test("AdminAccessPanel wraps dangerous mutations with explicit confirmation", async () => {
  const source = await readPanelSource();

  assert.match(source, /confirmDangerousAction/);
  assert.match(source, /window\.confirm/);
  for (const action of ["set_company_status", "reclaim_account", "reset_account_password", "revoke_grant"]) {
    assert.match(source, new RegExp(`confirmDangerousAction[\\s\\S]+${action}|${action}[\\s\\S]+confirmDangerousAction`));
  }
});

test("AdminAccessPanel exposes account status controls", async () => {
  const source = await readPanelSource();

  assert.match(source, /账号列表/);
  assert.match(source, /停用/);
  assert.match(source, /启用/);
  assert.match(source, /status:\s*["']disabled["']/);
  assert.match(source, /status:\s*["']active["']/);
});

test("AdminAccessPanel only exposes member and admin account roles", async () => {
  const source = await readPanelSource();

  assert.match(source, /member/);
  assert.match(source, /admin/);
  assert.doesNotMatch(source, /highest_admin/);
});