import { test, expect } from '@playwright/test';
import { RoleAuthHelper, RoleName } from '../../helpers/helpers';

const PROTECTED_URLS = [
  { path: '/config/', label: 'Config Dashboard', allowed: ['px_admin'] },
  { path: '/config/sla/', label: 'SLA Config', allowed: ['px_admin'] },
  { path: '/config/routing/', label: 'Routing Rules', allowed: ['px_admin'] },
  { path: '/complaints/', label: 'Complaints', allowed: ['px_admin', 'hospital_admin', 'dept_manager', 'px_staff', 'physician', 'nurse', 'staff', 'viewer'] },
  { path: '/surveys/templates/', label: 'Survey Templates', allowed: ['px_admin', 'hospital_admin', 'dept_manager', 'px_staff', 'physician', 'nurse', 'staff', 'viewer'] },
  { path: '/surveys/analytics/', label: 'Survey Analytics', allowed: ['px_admin', 'hospital_admin', 'dept_manager', 'px_staff', 'physician', 'nurse', 'staff', 'viewer'] },
  { path: '/observations/', label: 'Observations', allowed: ['px_admin', 'hospital_admin', 'dept_manager', 'px_staff', 'physician', 'nurse', 'staff', 'viewer'] },
  { path: '/actions/', label: 'Action Center', allowed: ['px_admin', 'hospital_admin', 'dept_manager', 'px_staff', 'physician', 'nurse', 'staff', 'viewer'] },
  { path: '/organizations/', label: 'Organizations', allowed: ['px_admin', 'hospital_admin', 'dept_manager', 'px_staff', 'physician', 'nurse', 'staff', 'viewer'] },
  { path: '/physicians/', label: 'Physicians', allowed: ['px_admin', 'hospital_admin', 'dept_manager', 'px_staff', 'physician', 'nurse', 'staff', 'viewer'] },
  { path: '/projects/', label: 'Projects', allowed: ['px_admin', 'hospital_admin', 'dept_manager', 'px_staff', 'physician', 'nurse', 'staff', 'viewer'] },
  { path: '/standards/', label: 'Standards', allowed: ['px_admin', 'hospital_admin', 'dept_manager', 'px_staff', 'physician', 'nurse', 'staff', 'viewer'] },
  { path: '/reports/', label: 'Reports', allowed: ['px_admin', 'hospital_admin', 'dept_manager', 'px_staff', 'physician', 'nurse', 'staff', 'viewer'] },
  { path: '/px-sources/dashboard/', label: 'Source Dashboard', allowed: ['px_admin', 'hospital_admin', 'dept_manager', 'px_staff', 'physician', 'nurse', 'staff', 'viewer', 'source_user'] },
];

const ALL_ROLES: RoleName[] = [
  'px_admin', 'hospital_admin', 'dept_manager', 'px_staff',
  'physician', 'nurse', 'staff', 'viewer', 'source_user',
];

for (const role of ALL_ROLES) {
  test.describe(`${role} access matrix`, () => {
    test.describe.configure({ mode: 'parallel' });

    for (const url of PROTECTED_URLS) {
      const isAllowed = url.allowed.includes(role);
      const testName = isAllowed
        ? `CAN access ${url.label}`
        : `CANNOT access ${url.label}`;

      test(testName, async ({ page }) => {
        const auth = new RoleAuthHelper(page);
        await auth.login(role);
        await page.goto(url.path);
        await page.waitForLoadState('domcontentloaded');

        if (role === 'source_user') {
          if (url.path === '/px-sources/dashboard/') {
            expect(page.url()).toContain('px-sources');
          } else {
            const onSourcePage = page.url().includes('px-sources');
            expect(onSourcePage).toBeTruthy();
          }
        } else if (url.path.startsWith('/config/')) {
          if (role === 'px_admin') {
            expect(page.url()).not.toContain('login');
            expect(page.url()).not.toContain('command-center');
          } else {
            const blocked = page.url().includes('command-center') || page.url().includes('analytics');
            expect(blocked).toBeTruthy();
          }
        } else {
          if (isAllowed) {
            expect(page.url()).not.toContain('login');
          } else {
            expect(page.url()).toContain('login');
          }
        }
      });
    }
  });
}