"""cryptpad — INSTALL overlay (Phase 1d, DG4): override + extend-by-composition.

Reuses the generic "really serving" assertion, then ADDS the recipe-specific checks: cryptpad answers
over real HTTPS through the gateway, and a real browser loads the live cryptpad landing page and sees
its served app (D2 install + D3 Playwright). Assertion-only on the shared deployment."""

import os
import sys

sys.path.insert(0, os.path.join(os.path.dirname(__file__), "..", "..", "runner"))
from harness import browser as harness_browser  # noqa: E402
from harness import generic, lifecycle


def test_serving_and_content(live_app, meta):
    # extend-by-composition: reuse the generic "really serving" assertion first ...
    generic.assert_serving(live_app, meta)

    # ... then the recipe-specific assertions.
    # cryptpad answers over real HTTPS through the gateway (nginx -> cryptpad app).
    status = lifecycle.http_get(live_app, "/")
    assert status in (200, 301, 302), f"expected 2xx/3xx from {live_app}, got {status}"

    # A real browser loads the live cryptpad landing page and sees its served app.
    from playwright.sync_api import sync_playwright

    url = f"https://{live_app}/"
    with sync_playwright() as p:
        browser = p.chromium.launch(args=["--no-sandbox"])
        try:
            ctx = browser.new_context(ignore_https_errors=True)
            page = ctx.new_page()
            # F2-3 hardening centralized in harness.browser
            resp = harness_browser.goto_with_retry(
                page, url, accept_statuses=(200, 304), goto_timeout_ms=60_000, wait_until="load"
            )
            assert resp is not None and resp.status in (
                200,
                304,
            ), f"page status {resp and resp.status}"
            body = page.content().lower()
            assert "cryptpad" in body or "<html" in body, "no cryptpad content served"
        finally:
            browser.close()