import pytest
from httpx import AsyncClient
from app.core.security import create_access_token
from app.models.user import User
import uuid


class TestAdminAPI:
    async def test_admin_dashboard_unauthorized(self, client: AsyncClient):
        response = await client.get("/api/v1/admin/dashboard")
        assert response.status_code == 401

    async def test_admin_dashboard_forbidden_non_admin(self, client: AsyncClient, test_user):
        token = create_access_token({"sub": str(test_user.id), "tier": "free", "role": "user"})
        response = await client.get(
            "/api/v1/admin/dashboard",
            headers={"Authorization": f"Bearer {token}"},
        )
        assert response.status_code == 403

    async def test_admin_dashboard_success(self, client: AsyncClient, test_user):
        test_user.role = "admin"
        token = create_access_token({"sub": str(test_user.id), "tier": "free", "role": "admin"})
        response = await client.get(
            "/api/v1/admin/dashboard",
            headers={"Authorization": f"Bearer {token}"},
        )
        assert response.status_code == 200
        data = response.json()
        assert "total_users" in data
        assert "paid_users" in data

    async def test_admin_list_users(self, client: AsyncClient, test_user):
        test_user.role = "admin"
        token = create_access_token({"sub": str(test_user.id), "tier": "free", "role": "admin"})
        response = await client.get(
            "/api/v1/admin/users",
            headers={"Authorization": f"Bearer {token}"},
        )
        assert response.status_code == 200
        data = response.json()
        assert "items" in data
        assert "total" in data

    async def test_admin_update_tier_forbidden_non_admin(self, client: AsyncClient, test_user):
        target_id = str(uuid.uuid4())
        token = create_access_token({"sub": str(test_user.id), "tier": "free", "role": "user"})
        response = await client.patch(
            f"/api/v1/admin/users/{target_id}/tier",
            headers={"Authorization": f"Bearer {token}"},
            json={"tier": "pro"},
        )
        assert response.status_code == 403


class TestRateLimit:
    async def test_health_not_rate_limited(self, client: AsyncClient):
        for _ in range(10):
            response = await client.get("/health")
            assert response.status_code == 200

    async def test_rate_limit_headers_present(self, client: AsyncClient, auth_headers):
        response = await client.get("/api/v1/customers", headers=auth_headers)
        assert "X-RateLimit-Remaining" in response.headers
        assert "X-RateLimit-Limit" in response.headers


class TestUserRole:
    async def test_user_default_role(self, client: AsyncClient, test_user):
        assert test_user.role == "user"

    async def test_user_info_contains_role(self, client: AsyncClient, auth_headers):
        response = await client.get("/api/v1/auth/me", headers=auth_headers)
        assert response.status_code == 200
        data = response.json()
        assert "role" in data
        assert data["role"] == "user"


class TestPrivacyTerms:
    async def test_privacy_page_exists(self):
        import os
        path = os.path.join(
            os.path.dirname(os.path.dirname(os.path.abspath(__file__))),
            "uni-app", "src", "pages", "agreement", "privacy.vue",
        )
        assert os.path.exists(path), "privacy.vue not found"

    async def test_terms_page_exists(self):
        import os
        path = os.path.join(
            os.path.dirname(os.path.dirname(os.path.abspath(__file__))),
            "uni-app", "src", "pages", "agreement", "terms.vue",
        )
        assert os.path.exists(path), "terms.vue not found"