from sqlalchemy import select

from iti.applications import create_app
from iti.applications.common.enums import GenderEnum, StatusEnum
from iti.applications.common.permission import get_super_admin_role
from iti.applications.extensions import db
from iti.applications.models import Role, SysConfig, SysMenu, User
from iti.seeds.system import DEFAULT_MENUS, seed_system_data


def test_seed_system_data_is_idempotent():
    app = create_app("test")

    with app.app_context():
        db.create_all()

        first = seed_system_data()
        admin_user = db.session.scalar(select(User).filter_by(username="admin"))
        assert admin_user is not None
        admin_user.realname = "已有管理员"
        admin_user.email = "existing@example.com"
        admin_user.password = "custom-password"
        db.session.commit()

        second = seed_system_data()

        assert first["roles"]["created"] == 2
        assert first["menus"]["created"] == len(DEFAULT_MENUS)
        assert second["roles"]["created"] == 0
        assert second["menus"]["created"] == 0
        assert second["users"]["created"] == 0

        admin_role = db.session.scalar(select(Role).filter_by(code="ADMIN"))
        common_role = db.session.scalar(select(Role).filter_by(code="COMMON"))
        admin_user = db.session.scalar(select(User).filter_by(username="admin"))
        default_roles = db.session.scalar(
            select(SysConfig).filter_by(type="USER", code="DEFAULT_USER_ROLES")
        )

        assert admin_role is not None
        assert common_role is not None
        assert admin_user is not None
        assert admin_user.realname == "已有管理员"
        assert admin_user.email == "existing@example.com"
        assert admin_user.check_password("custom-password")
        assert default_roles is not None
        assert default_roles.value == "COMMON"
        assert app.config["PERMISSION_CONFIG"]["SUPER_ADMIN_ROLE"] == "ADMIN"
        assert get_super_admin_role() == "ADMIN"
        assert {role.code for role in admin_user.roles} == {"ADMIN"}
        assert len(admin_role.menus) == len(DEFAULT_MENUS)
        assert db.session.scalar(select(SysMenu).filter_by(name="PunchAndReport")) is None

        db.session.remove()
        db.drop_all()


def test_seed_system_data_does_not_update_existing_admin_user():
    app = create_app("test")

    with app.app_context():
        db.create_all()
        existing = User(
            username="admin",
            password="custom-password",
            realname="已有管理员",
            email="existing@example.com",
            gender=GenderEnum.SECURE.value,
            status=StatusEnum.ENABLED.value,
        )
        db.session.add(existing)
        db.session.commit()

        summary = seed_system_data()

        admin_user = db.session.scalar(select(User).filter_by(username="admin"))
        assert summary["users"]["created"] == 0
        assert summary["users"]["updated"] == 0
        assert summary["users"]["skipped"] == 1
        assert admin_user.realname == "已有管理员"
        assert admin_user.email == "existing@example.com"
        assert admin_user.check_password("custom-password")
        assert {role.code for role in admin_user.roles} == {"ADMIN"}

        db.session.remove()
        db.drop_all()