package unit

import (
	"context"
	"testing"

	"github.com/stretchr/testify/assert"
	"github.com/stretchr/testify/require"

	"github.com/break/junhong_cmp_fiber/internal/model"
	"github.com/break/junhong_cmp_fiber/internal/service/account"
	"github.com/break/junhong_cmp_fiber/internal/store/postgres"
	"github.com/break/junhong_cmp_fiber/pkg/constants"
	"github.com/break/junhong_cmp_fiber/pkg/middleware"
	"github.com/break/junhong_cmp_fiber/tests/testutils"
)

// TestRoleAssignmentLimit_PlatformUser 测试平台用户可以分配多个角色（无限制）
func TestRoleAssignmentLimit_PlatformUser(t *testing.T) {
	db, redisClient := testutils.SetupTestDB(t)
	defer testutils.TeardownTestDB(t, db, redisClient)

	accountStore := postgres.NewAccountStore(db, redisClient)
	roleStore := postgres.NewRoleStore(db)
	accountRoleStore := postgres.NewAccountRoleStore(db)
	service := account.New(accountStore, roleStore, accountRoleStore)

	ctx := context.Background()
	ctx = middleware.SetUserContext(ctx, middleware.NewSimpleUserContext(1, constants.UserTypeSuperAdmin, 0))

	// 创建平台用户
	platformUser := &model.Account{
		Username: "platform_user",
		Phone:    "13800000001",
		Password: "hashedpassword",
		UserType: constants.UserTypePlatform,
		Status:   constants.StatusEnabled,
	}
	require.NoError(t, db.Create(platformUser).Error)

	// 创建 3 个平台角色
	roles := []*model.Role{
		{RoleName: "运营", RoleType: constants.RoleTypePlatform, Status: constants.StatusEnabled},
		{RoleName: "客服", RoleType: constants.RoleTypePlatform, Status: constants.StatusEnabled},
		{RoleName: "财务", RoleType: constants.RoleTypePlatform, Status: constants.StatusEnabled},
	}
	for _, role := range roles {
		require.NoError(t, db.Create(role).Error)
	}

	// 为平台用户分配 3 个角色（应该成功，因为平台用户无限制）
	roleIDs := []uint{roles[0].ID, roles[1].ID, roles[2].ID}
	ars, err := service.AssignRoles(ctx, platformUser.ID, roleIDs)
	require.NoError(t, err)
	assert.Len(t, ars, 3)
}

// TestRoleAssignmentLimit_AgentUser 测试代理账号只能分配一个角色
func TestRoleAssignmentLimit_AgentUser(t *testing.T) {
	db, redisClient := testutils.SetupTestDB(t)
	defer testutils.TeardownTestDB(t, db, redisClient)

	accountStore := postgres.NewAccountStore(db, redisClient)
	roleStore := postgres.NewRoleStore(db)
	accountRoleStore := postgres.NewAccountRoleStore(db)
	service := account.New(accountStore, roleStore, accountRoleStore)

	ctx := context.Background()
	ctx = middleware.SetUserContext(ctx, middleware.NewSimpleUserContext(1, constants.UserTypeSuperAdmin, 0))

	// 创建代理账号
	agentAccount := &model.Account{
		Username: "agent_user",
		Phone:    "13800000002",
		Password: "hashedpassword",
		UserType: constants.UserTypeAgent,
		Status:   constants.StatusEnabled,
	}
	require.NoError(t, db.Create(agentAccount).Error)

	// 创建 2 个客户角色
	roles := []*model.Role{
		{RoleName: "一级代理", RoleType: constants.RoleTypeCustomer, Status: constants.StatusEnabled},
		{RoleName: "二级代理", RoleType: constants.RoleTypeCustomer, Status: constants.StatusEnabled},
	}
	for _, role := range roles {
		require.NoError(t, db.Create(role).Error)
	}

	// 先分配第一个角色（应该成功）
	ars, err := service.AssignRoles(ctx, agentAccount.ID, []uint{roles[0].ID})
	require.NoError(t, err)
	assert.Len(t, ars, 1)

	// 尝试分配第二个角色（应该失败，超过数量限制）
	_, err = service.AssignRoles(ctx, agentAccount.ID, []uint{roles[1].ID})
	require.Error(t, err)
	assert.Contains(t, err.Error(), "最多只能分配 1 个角色")
}

// TestRoleAssignmentLimit_EnterpriseUser 测试企业账号只能分配一个角色
func TestRoleAssignmentLimit_EnterpriseUser(t *testing.T) {
	db, redisClient := testutils.SetupTestDB(t)
	defer testutils.TeardownTestDB(t, db, redisClient)

	accountStore := postgres.NewAccountStore(db, redisClient)
	roleStore := postgres.NewRoleStore(db)
	accountRoleStore := postgres.NewAccountRoleStore(db)
	service := account.New(accountStore, roleStore, accountRoleStore)

	ctx := context.Background()
	ctx = middleware.SetUserContext(ctx, middleware.NewSimpleUserContext(1, constants.UserTypeSuperAdmin, 0))

	// 创建企业账号
	enterpriseAccount := &model.Account{
		Username: "enterprise_user",
		Phone:    "13800000003",
		Password: "hashedpassword",
		UserType: constants.UserTypeEnterprise,
		Status:   constants.StatusEnabled,
	}
	require.NoError(t, db.Create(enterpriseAccount).Error)

	// 创建 2 个客户角色
	roles := []*model.Role{
		{RoleName: "企业普通", RoleType: constants.RoleTypeCustomer, Status: constants.StatusEnabled},
		{RoleName: "企业高级", RoleType: constants.RoleTypeCustomer, Status: constants.StatusEnabled},
	}
	for _, role := range roles {
		require.NoError(t, db.Create(role).Error)
	}

	// 先分配第一个角色（应该成功）
	ars, err := service.AssignRoles(ctx, enterpriseAccount.ID, []uint{roles[0].ID})
	require.NoError(t, err)
	assert.Len(t, ars, 1)

	// 尝试分配第二个角色（应该失败，超过数量限制）
	_, err = service.AssignRoles(ctx, enterpriseAccount.ID, []uint{roles[1].ID})
	require.Error(t, err)
	assert.Contains(t, err.Error(), "最多只能分配 1 个角色")
}

// TestRoleAssignmentLimit_SuperAdmin 测试超级管理员不允许分配角色
func TestRoleAssignmentLimit_SuperAdmin(t *testing.T) {
	db, redisClient := testutils.SetupTestDB(t)
	defer testutils.TeardownTestDB(t, db, redisClient)

	accountStore := postgres.NewAccountStore(db, redisClient)
	roleStore := postgres.NewRoleStore(db)
	accountRoleStore := postgres.NewAccountRoleStore(db)
	service := account.New(accountStore, roleStore, accountRoleStore)

	ctx := context.Background()
	ctx = middleware.SetUserContext(ctx, middleware.NewSimpleUserContext(1, constants.UserTypeSuperAdmin, 0))

	// 创建超级管理员
	superAdmin := &model.Account{
		Username: "superadmin",
		Phone:    "13800000004",
		Password: "hashedpassword",
		UserType: constants.UserTypeSuperAdmin,
		Status:   constants.StatusEnabled,
	}
	require.NoError(t, db.Create(superAdmin).Error)

	// 创建一个平台角色
	role := &model.Role{
		RoleName: "测试角色",
		RoleType: constants.RoleTypePlatform,
		Status:   constants.StatusEnabled,
	}
	require.NoError(t, db.Create(role).Error)

	// 尝试为超级管理员分配角色（应该失败）
	_, err := service.AssignRoles(ctx, superAdmin.ID, []uint{role.ID})
	require.Error(t, err)
	assert.Contains(t, err.Error(), "不需要分配角色")
}