<?php

declare(strict_types=1);

use App\Filament\Resources\BackupSetResource;
use App\Filament\Resources\BaselineSnapshotResource;
use App\Filament\Resources\EntraGroupResource;
use App\Models\BackupSet;
use App\Models\BaselineProfile;
use App\Models\BaselineSnapshot;
use App\Models\BaselineSnapshotItem;
use App\Models\EntraGroup;
use App\Models\OperationRun;
use App\Support\OperationRunOutcome;
use App\Support\OperationRunStatus;
use App\Support\Workspaces\WorkspaceContext;
use Filament\Facades\Filament;

it('keeps summary-first reading order across the first aligned enterprise detail pages', function (): void {
    [$user, $tenant] = createUserWithTenant(role: 'owner');
    $this->actingAs($user);

    Filament::setTenant($tenant, true);

    $profile = BaselineProfile::factory()->active()->create([
        'workspace_id' => (int) $tenant->workspace_id,
        'name' => 'Security Baseline',
    ]);

    $snapshot = BaselineSnapshot::factory()->create([
        'workspace_id' => (int) $tenant->workspace_id,
        'baseline_profile_id' => (int) $profile->getKey(),
        'summary_jsonb' => [
            'fidelity_counts' => ['content' => 1, 'meta' => 0],
            'gaps' => ['count' => 0, 'by_reason' => []],
        ],
    ]);

    BaselineSnapshotItem::factory()->create([
        'baseline_snapshot_id' => (int) $snapshot->getKey(),
        'policy_type' => 'deviceCompliancePolicy',
        'meta_jsonb' => [
            'display_name' => 'Bitlocker Require',
            'evidence' => [
                'fidelity' => 'content',
                'source' => 'policy_version',
                'observed_at' => '2026-03-09T12:00:00+00:00',
            ],
        ],
    ]);

    $backupSet = BackupSet::factory()->create([
        'tenant_id' => (int) $tenant->getKey(),
        'name' => 'Nightly backup',
    ]);

    $group = EntraGroup::factory()->for($tenant)->create([
        'display_name' => 'Group One',
        'group_types' => ['Unified'],
    ]);

    $run = OperationRun::factory()->create([
        'workspace_id' => (int) $tenant->workspace_id,
        'tenant_id' => (int) $tenant->getKey(),
        'type' => 'policy.sync',
        'status' => OperationRunStatus::Completed->value,
        'outcome' => OperationRunOutcome::Succeeded->value,
        'summary_counts' => ['total' => 1, 'processed' => 1, 'succeeded' => 1],
        'context' => [
            'target_scope' => [
                'entra_tenant_name' => 'Contoso',
            ],
        ],
    ]);

    $this->withSession([WorkspaceContext::SESSION_KEY => (int) $tenant->workspace_id]);

    $this->get(BaselineSnapshotResource::getUrl('view', ['record' => $snapshot], panel: 'admin'))
        ->assertOk()
        ->assertSeeInOrder(['Security Baseline', 'Captured policy types', 'Technical detail']);

    $this->get(BackupSetResource::getUrl('view', ['record' => $backupSet], tenant: $tenant))
        ->assertOk()
        ->assertSeeInOrder(['Nightly backup', 'Lifecycle overview', 'Technical detail']);

    $this->get(EntraGroupResource::getUrl('view', ['record' => $group], tenant: $tenant))
        ->assertOk()
        ->assertSeeInOrder(['Group One', 'Classification overview', 'Technical detail']);

    Filament::setTenant(null, true);

    $this->get(route('admin.operations.view', ['run' => (int) $run->getKey()]))
        ->assertOk()
        ->assertSeeInOrder(['Policy sync', 'Run summary', 'Context']);
});