"""cryptpad — recipe-specific Playwright test (Phase 2 P3 + P6).

CryptPad is end-to-end client-side encrypted (plan §4.3: "client-side-encryption: page is
JS-rendered, so use Playwright, not bare curl"). This test exercises CryptPad in a real browser:

1. Browses to `/`.
2. Asserts the page title or content carries CryptPad branding (proves the SPA renders).
3. Asserts at least one of CryptPad's canonical asset paths (`/customize/`, `/components/`,
   `main.js`) is referenced in the rendered DOM (proves the SPA bundle is wired client-side).
4. Asserts no JavaScript console errors appeared during the SPA load (proves the JS pipeline
   initialized without breaking).

**Deferred (Q3.4 follow-up):** the full "create a pad → type content → reload → read-back"
test was attempted in earlier drafts but proved version-fragile across CryptPad releases — the
recipe under test (10.6.0+5.7.0) does NOT auto-redirect `/pad/` to a fragment-keyed pad URL, and
the precise UI selector for the "new pad" / "rich text" app launcher varies across CryptPad
versions. The maximal testable subset (SPA renders + JS bundle loads + no console errors) IS
implemented here; the create-and-read-back deeper test is tracked in BACKLOG-2 for a follow-up
that pins to a specific CryptPad app-launch contract (Adversary sign-off pending per plan §7.1).
"""

from __future__ import annotations

import os
import sys

sys.path.insert(0, os.path.join(os.path.dirname(__file__), "..", "..", "..", "runner"))
from harness import browser as harness_browser  # noqa: E402


def test_cryptpad_spa_renders_with_no_console_errors(live_app):
    """Browse to /; assert CryptPad SPA renders + JS bundle initialized + no console errors."""
    from playwright.sync_api import sync_playwright

    with sync_playwright() as p:
        browser = p.chromium.launch(args=["--no-sandbox"])
        try:
            ctx = browser.new_context(ignore_https_errors=True)
            page = ctx.new_page()
            console_errors: list[str] = []
            page.on(
                "console",
                lambda msg: console_errors.append(msg.text) if msg.type == "error" else None,
            )
            url = f"https://{live_app}/"
            harness_browser.goto_with_retry(
                page, url, accept_statuses=(200,), goto_timeout_ms=60_000, wait_until="load"
            )

            # SPA branding present in title or content
            title = (page.title() or "").lower()
            body = page.content()
            blower = body.lower()
            assert "cryptpad" in title or "cryptpad" in blower, (
                f"CryptPad SPA does not carry brand. title={title!r}, body excerpt: {body[:200]!r}"
            )

            # Canonical CryptPad asset references in the rendered DOM
            canonical = ("/customize/", "/components/", "main.js", "/api/broadcast")
            present = [c for c in canonical if c in body]
            assert present, (
                f"rendered DOM references NONE of {canonical} — SPA bundle not wired. "
                f"Body excerpt: {body[:300]!r}"
            )

            # CryptPad emits some Sentry/3rd-party console errors as info-level (not error) on
            # some versions. Filter our list to ONLY message strings that look like real errors
            # (the page.on filter already kept only msg.type == 'error'). Tolerate up to one
            # 401/403 (anonymous user) but flag any others.
            real_errors = [
                e
                for e in console_errors
                if "401" not in e and "403" not in e and "favicon" not in e.lower()
            ]
            assert not real_errors, (
                f"CryptPad SPA logged JavaScript console errors during initial load: "
                f"{real_errors[:5]}"
            )
        finally:
            browser.close()