"""anu_v2.tests.test_owner_trigger_merge_path_separation_2554 — merge vs trigger 경로 분리 (task-2554).

회장 §명시 14장 §9 1:1:
  OWNER_GEMINI_TRIGGER_TOKEN 은 ``merge_queue_executor`` merge path 에서 직접 사용 X.
  merge 는 BOT_GITHUB_TOKEN 으로만.
"""

from __future__ import annotations

import sys
from pathlib import Path

import pytest

WORKSPACE_ROOT = Path(__file__).resolve().parents[2]
if str(WORKSPACE_ROOT) not in sys.path:
    sys.path.insert(0, str(WORKSPACE_ROOT))

from anu_v2.owner_trigger_only import (  # noqa: E402
    ForbiddenEndpointError,
    MergePathViolation,
    OwnerTriggerOnly,
    TOKEN_ENV_NAME,
)
from anu_v2.owner_trigger_audit import OwnerTriggerAudit  # noqa: E402


def _build_module(tmp_path: Path):
    def http_post(*a, **kw):
        return {"status": 201}

    def token_provider():
        return "any-token"

    return OwnerTriggerOnly(
        workspace_root=tmp_path,
        http_post=http_post,
        token_provider=token_provider,
        audit=OwnerTriggerAudit(tmp_path),
    )


def test_owner_trigger_only_does_not_expose_merge_method(tmp_path):
    mod = _build_module(tmp_path)
    with pytest.raises(MergePathViolation):
        mod.merge(pr=103)


def test_module_source_does_not_call_pulls_merge_endpoint():
    """정적 grep: owner_trigger_only.py 본문에 pulls/{n}/merge endpoint 빌드 0건."""
    src = (WORKSPACE_ROOT / "anu_v2" / "owner_trigger_only.py").read_text(encoding="utf-8")
    # FORBIDDEN_ENDPOINT_PATTERNS regex 정의 외 호출 빌더는 0
    assert "pulls/{pr_number}/merge" not in src
    assert "/pulls/{n}/merge" not in src


def test_owner_trigger_module_does_not_import_merge_queue_executor():
    """owner_trigger_only.py가 merge_queue_executor를 import 하지 않음 (분리)."""
    src = (WORKSPACE_ROOT / "anu_v2" / "owner_trigger_only.py").read_text(encoding="utf-8")
    assert "import merge_queue_executor" not in src
    assert "from anu_v2.merge_queue_executor" not in src


def test_merge_queue_executor_does_not_import_owner_trigger_only():
    """역방향 — merge_queue_executor 는 ``owner_trigger_only`` 모듈을 import 하지 않는다.

    task-2554+2 §3 Phase 3 통합:
      - merge_queue_executor 는 ``owner_trigger_decision`` (schema 검증용 상수) 만 import.
      - ``owner_trigger_only`` 모듈은 직접 import 하지 않음 — runner 는 외부 호출자가 주입.
      - ``owner_trigger_pat`` 도 import 0 (task-2553 retired path).
    """
    mqe_path = WORKSPACE_ROOT / "anu_v2" / "merge_queue_executor.py"
    if not mqe_path.exists():  # pragma: no cover — anu_v2 namespace 외 변경 0 보호
        pytest.skip("merge_queue_executor.py not present in this branch")
    src = mqe_path.read_text(encoding="utf-8")
    # `owner_trigger_only` 모듈 import 0 (코드 line 기준; 주석 안 식별자는 무시).
    for line in src.splitlines():
        # 주석은 import 검사 대상 아님
        if line.lstrip().startswith("#"):
            continue
        if "import owner_trigger_only" in line or "from anu_v2.owner_trigger_only" in line:
            raise AssertionError(f"merge_queue_executor imports owner_trigger_only: {line!r}")
    # owner_trigger_pat 도 import 0
    for line in src.splitlines():
        if line.lstrip().startswith("#"):
            continue
        if "import owner_trigger_pat" in line or "from anu_v2.owner_trigger_pat" in line:
            raise AssertionError(f"merge_queue_executor imports owner_trigger_pat: {line!r}")


def test_owner_trigger_token_name_is_separate_from_bot_token():
    assert TOKEN_ENV_NAME == "OWNER_GEMINI_TRIGGER_TOKEN"
    assert TOKEN_ENV_NAME != "BOT_GITHUB_TOKEN"
    assert "BOT_" not in TOKEN_ENV_NAME


def test_owner_trigger_only_approve_close_reopen_blocked(tmp_path):
    mod = _build_module(tmp_path)
    for method_name in ("approve", "close", "reopen"):
        method = getattr(mod, method_name)
        with pytest.raises((ForbiddenEndpointError, PermissionError)):
            method(pr=103)