import os
# Point the app at a throwaway SQLite file in the working directory. The
# assignment is unconditional, so it overrides any DATABASE_URL already set in
# the environment and keeps the tests away from a real database.
# NOTE(review): this must stay above the `app.main` import; presumably the app
# reads DATABASE_URL at import time. Confirm against app.main.
os.environ["DATABASE_URL"] = "sqlite:///./test_secureflow.db"
from fastapi.testclient import TestClient
from app.main import app
from app.seed import seed

# One in-process client shared by every test in this module.
client = TestClient(app)

def setup_module():
    """Reset the SQLite test database before the module's tests run.

    Deletes any ``test_secureflow.db`` left in the working directory by an
    earlier run, then calls ``seed()`` (expected to load the fixture data the
    tests below rely on; see ``app.seed``).
    """
    try:
        os.remove("test_secureflow.db")
    except FileNotFoundError:
        # No file from a previous run: nothing to clean up.
        pass
    seed()

def auth():
    """Log in through the API and return an ``Authorization`` header dict.

    Posts the fixture admin credentials to ``/api/auth/login``, asserts the
    login succeeded, and wraps the returned ``access_token`` as a bearer token.
    """
    # Fixture credentials for the throwaway test database only (presumably
    # created by seed(); verify there). They must never be valid on a deployed
    # instance.
    credentials = {"email":"admin@secureflow.test","password":"SecureFlow123!"}
    login = client.post("/api/auth/login", json=credentials)
    assert login.status_code == 200
    token = login.json()['access_token']
    return {"Authorization": f"Bearer {token}"}

def test_login_and_dashboard():
    """An authenticated user can load the dashboard summary."""
    headers = auth()
    response = client.get("/api/dashboard", headers=headers)
    assert response.status_code == 200

    payload = response.json()
    # The disclaimer text must not contain the word "certified".
    assert "certified" not in payload["disclaimer"].lower()
    # The database is expected to hold at least one open risk.
    assert payload["open_risks"] >= 1
    # NOTE(review): only the authenticated path is covered; no test in this
    # file requests the endpoint without a token.

def test_assessment_update_and_audit():
    """Updating the first listed assessment succeeds and echoes the new notes.

    NOTE(review): the name mentions "audit", but nothing here checks that an
    audit record was written. Add that assertion once the audit API is
    confirmed.
    """
    headers = auth()
    listing = client.get("/api/assessments", headers=headers).json()
    assessment_id = listing[0]["assessment"]["id"]

    changes = {"answer":"Partial","notes":"Needs evidence","risk_level":"Medium","remediation_status":"In Progress"}
    response = client.put(f"/api/assessments/{assessment_id}", headers=headers, json=changes)

    assert response.status_code == 200
    assert response.json()["notes"] == "Needs evidence"

def test_risk_export_poam():
    """The POA&M export returns a payload that looks like an .xlsx file."""
    headers = auth()
    response = client.get("/api/risks/export/poam.xlsx", headers=headers)
    assert response.status_code == 200
    # .xlsx files are ZIP containers, so the body must begin with the ZIP
    # magic bytes "PK". This checks the container only, not the sheet contents.
    assert response.content.startswith(b"PK")

def test_ai_logs_prompt_sources():
    """The AI answer endpoint returns the prompt and its source records."""
    headers = auth()
    request_body = {"prompt":"Draft answer for MFA controls","related_control":"MFA"}
    response = client.post("/api/questionnaires/ai-answer", headers=headers, json=request_body)
    assert response.status_code == 200

    payload = response.json()
    # Both fields must be present so a generated answer can be traced back to
    # the prompt that produced it and the records it drew on.
    assert "prompt" in payload
    assert "source_records" in payload
    # The generated text must not contain the word "certification".
    assert "certification" not in payload["response"].lower()
