/**
 * Unit tests for the signing-authorization gate (pure logic, no DB).
 * Run: npx tsx api/test/test_esign_sign_consent.ts
 */
import assert from "node:assert";
import {
  SIGN_CONSENT_TEXT,
  requiresSignConsent,
  signConsentRequired,
  signConsentSatisfied,
} from "../src/routes/esign-sign-consent.js";

let pass = 0;
const ok = (name: string, cond: boolean) => {
  assert.ok(cond, name);
  pass++;
};

// --- requiresSignConsent ---
ok("meta true", requiresSignConsent({ require_sign_consent: true }) === true);
ok("meta false", requiresSignConsent({ require_sign_consent: false }) === false);
ok("meta missing", requiresSignConsent({}) === false);
ok("meta null", requiresSignConsent(null) === false);
ok("meta undefined", requiresSignConsent(undefined) === false);
ok("meta string-truthy not enough", requiresSignConsent({ require_sign_consent: "true" }) === false);

// --- signConsentRequired: only DRAWN on consent-required docs ---
ok("required: drawn + flag", signConsentRequired({ require_sign_consent: true }, "drawn") === true);
ok("not required: typed + flag", signConsentRequired({ require_sign_consent: true }, "typed") === false);
ok("not required: drawn + no flag", signConsentRequired({ require_sign_consent: false }, "drawn") === false);
ok("not required: drawn + no meta", signConsentRequired({}, "drawn") === false);
ok("not required: undefined type", signConsentRequired({ require_sign_consent: true }, undefined) === false);

// --- signConsentSatisfied ---
// exempt cases (consent not required) are always satisfied regardless of flag
ok("satisfied: typed exempt", signConsentSatisfied({ require_sign_consent: true }, "typed", undefined) === true);
ok("satisfied: no-flag drawn exempt", signConsentSatisfied({ require_sign_consent: false }, "drawn", undefined) === true);
ok("satisfied: no-meta drawn exempt", signConsentSatisfied({}, "drawn", false) === true);
// required cases: must have sign_consent === true
ok("blocked: drawn+flag, no consent", signConsentSatisfied({ require_sign_consent: true }, "drawn", undefined) === false);
ok("blocked: drawn+flag, consent false", signConsentSatisfied({ require_sign_consent: true }, "drawn", false) === false);
ok("blocked: drawn+flag, consent truthy-but-not-true", signConsentSatisfied({ require_sign_consent: true }, "drawn", "true") === false);
ok("blocked: drawn+flag, consent 1 (not strict true)", signConsentSatisfied({ require_sign_consent: true }, "drawn", 1) === false);
ok("allowed: drawn+flag, consent true", signConsentSatisfied({ require_sign_consent: true }, "drawn", true) === true);

// --- consent text: client-safe, never describes fulfillment mechanics ---
const banned = ["ink", "plotter", "machine", "paper", "print", "CMS", "855", "10114", "MAC", "Baltimore", "PO Box", "robot", "reproduce"];
for (const w of banned) {
  ok(`consent text omits "${w}"`, !SIGN_CONSENT_TEXT.toLowerCase().includes(w.toLowerCase()));
}
// --- consent text: legally required reassurances present ---
ok("consent says 'single filing'", SIGN_CONSENT_TEXT.includes("single filing"));
ok("consent says 'not be reused'", SIGN_CONSENT_TEXT.includes("will not be reused"));
ok("consent says 'my own signature'", SIGN_CONSENT_TEXT.includes("my own signature"));
ok("consent says 'intent to sign'", SIGN_CONSENT_TEXT.includes("intent to sign"));
ok("consent says 'on my behalf'", SIGN_CONSENT_TEXT.includes("on my behalf"));

console.log(`\nesign signing-authorization: ${pass} checks passed`);