<?php

use App\Filament\Resources\InventoryItemResource;
use App\Filament\Resources\InventoryItemResource\Pages\ListInventoryItems;
use App\Models\InventoryItem;
use App\Models\OperationRun;
use App\Models\Tenant;
use App\Support\Auth\UiTooltips;
use App\Support\Inventory\InventoryCoverage as InventoryCoveragePayload;
use Filament\Facades\Filament;
use Illuminate\Support\Facades\Http;
use Livewire\Livewire;

uses(\Illuminate\Foundation\Testing\RefreshDatabase::class);

beforeEach(function (): void {
    Http::preventStrayRequests();
});

test('inventory items are listed for the active tenant', function () {
    $tenant = Tenant::factory()->create();
    [$user, $tenant] = createUserWithTenant(tenant: $tenant, role: 'owner');

    $otherTenant = Tenant::factory()->create();

    InventoryItem::factory()->create([
        'tenant_id' => $tenant->getKey(),
        'display_name' => 'Item A',
        'policy_type' => 'deviceConfiguration',
        'external_id' => 'item-a',
        'platform' => 'windows',
    ]);

    InventoryItem::factory()->create([
        'tenant_id' => $otherTenant->getKey(),
        'display_name' => 'Item B',
        'policy_type' => 'deviceConfiguration',
        'external_id' => 'item-b',
        'platform' => 'windows',
    ]);

    $this->actingAs($user)
        ->get(InventoryItemResource::getUrl('index', tenant: $tenant))
        ->assertOk()
        ->assertSee('Item A')
        ->assertDontSee('Item B');
});

test('non-members are denied access to inventory item tenant routes (404)', function () {
    $tenant = Tenant::factory()->create();
    $otherTenant = Tenant::factory()->create();

    [$user] = createUserWithTenant($otherTenant, role: 'owner');

    $this->actingAs($user)
        ->get(InventoryItemResource::getUrl('index', tenant: $tenant))
        ->assertStatus(404);
});

test('members without capability see inventory sync action disabled with standard tooltip', function () {
    $tenant = Tenant::factory()->create();
    [$user] = createUserWithTenant($tenant, role: 'readonly');

    $tenant->makeCurrent();
    Filament::setTenant($tenant, true);

    Livewire::actingAs($user)
        ->test(ListInventoryItems::class)
        ->assertActionVisible('run_inventory_sync')
        ->assertActionDisabled('run_inventory_sync')
        ->assertActionExists('run_inventory_sync', fn ($action): bool => $action->getTooltip() === UiTooltips::insufficientPermission());
});

test('inventory items page shows truthful coverage stats instead of support-matrix wording', function (): void {
    $tenant = Tenant::factory()->create();
    [$user, $tenant] = createUserWithTenant(tenant: $tenant, role: 'owner');

    InventoryItem::factory()->create([
        'tenant_id' => (int) $tenant->getKey(),
        'display_name' => 'Conditional Access Prod',
        'policy_type' => 'conditionalAccessPolicy',
        'external_id' => 'ca-1',
        'platform' => 'windows',
    ]);

    OperationRun::factory()->create([
        'tenant_id' => (int) $tenant->getKey(),
        'workspace_id' => (int) $tenant->workspace_id,
        'type' => 'inventory_sync',
        'status' => 'completed',
        'outcome' => 'partially_succeeded',
        'context' => [
            'inventory' => [
                'coverage' => InventoryCoveragePayload::buildPayload([
                    'conditionalAccessPolicy' => [
                        'status' => InventoryCoveragePayload::StatusSucceeded,
                        'item_count' => 1,
                    ],
                    'deviceConfiguration' => [
                        'status' => InventoryCoveragePayload::StatusFailed,
                        'item_count' => 0,
                        'error_code' => 'graph_forbidden',
                    ],
                ], []),
            ],
        ],
        'completed_at' => now(),
    ]);

    $this->actingAs($user)
        ->get(InventoryItemResource::getUrl('index', tenant: $tenant))
        ->assertOk()
        ->assertSee('Covered types')
        ->assertSee('Need follow-up')
        ->assertSee('Coverage basis')
        ->assertSee('Open basis run')
        ->assertDontSee('Last inventory sync')
        ->assertDontSee('Inventory ops');
});