/**
 * 审计修复验证脚本
 * 验证 F1: 今日体征概览 API 支持 patient_id 参数
 */
const http = require('http');

const BASE = 'http://localhost:3000/api/v1';

function request(method, path, body, token) {
  return new Promise((resolve, reject) => {
    const url = new URL(BASE + path);
    const opts = {
      hostname: url.hostname,
      port: url.port,
      path: url.pathname + url.search,
      method,
      headers: { 'Content-Type': 'application/json' },
      timeout: 10000,
    };
    if (token) opts.headers['Authorization'] = `Bearer ${token}`;
    const req = http.request(opts, (res) => {
      const chunks = [];
      res.on('data', (c) => chunks.push(c));
      res.on('end', () => {
        const raw = Buffer.concat(chunks).toString();
        try {
          resolve({ status: res.statusCode, data: JSON.parse(raw) });
        } catch {
          resolve({ status: res.statusCode, data: raw });
        }
      });
    });
    req.on('error', reject);
    req.on('timeout', () => { req.destroy(); reject(new Error('timeout')); });
    if (body) req.write(JSON.stringify(body));
    req.end();
  });
}

async function main() {
  console.log('=== 审计修复验证 ===\n');

  // 1. 登录
  console.log('1. 登录...');
  const loginRes = await request('POST', '/auth/login', {
    username: 'admin',
    password: 'Admin@2026',
  });
  const token = loginRes.data?.data?.access_token;
  if (!token) {
    console.error('   FAIL: 登录失败', JSON.stringify(loginRes.data).substring(0, 200));
    process.exit(1);
  }
  console.log('   OK: token 长度', token.length);

  // 2. 获取患者列表（找第一个患者 ID）
  console.log('\n2. 获取患者列表...');
  const patientsRes = await request('GET', '/health/patients?page=1&page_size=5', null, token);
  const patients = patientsRes.data?.data?.data || [];
  console.log('   患者数量:', patients.length);
  const patientId = patients[0]?.id;
  if (!patientId) {
    console.log('   WARN: 无患者数据，跳过后续测试');
    return;
  }
  console.log('   使用患者 ID:', patientId);

  // 3. F1 验证：今日体征概览 - 不带 patient_id
  console.log('\n3. F1 验证: 今日体征概览（不带 patient_id）...');
  const todayRes1 = await request('GET', '/health/vital-signs/today', null, token);
  console.log('   状态:', todayRes1.status, todayRes1.data?.success ? 'OK' : 'FAIL');

  // 4. F1 验证：今日体征概览 - 带 patient_id 参数
  console.log('\n4. F1 验证: 今日体征概览（带 patient_id 参数）...');
  const todayRes2 = await request('GET', `/health/vital-signs/today?patient_id=${patientId}`, null, token);
  console.log('   状态:', todayRes2.status, todayRes2.data?.success ? 'OK' : 'FAIL');
  if (todayRes2.status === 200 && todayRes2.data?.success) {
    console.log('   返回数据:', JSON.stringify(todayRes2.data.data || {}).substring(0, 200));
  } else {
    console.log('   响应:', JSON.stringify(todayRes2.data).substring(0, 300));
  }

  // 5. 验证趋势 API
  console.log('\n5. 趋势 API 验证...');
  const trendRes = await request('GET', '/health/vital-signs/trend?indicator=weight&range=7d', null, token);
  console.log('   状态:', trendRes.status, trendRes.data?.success ? 'OK' : 'FAIL');

  // 6. 日常监测 API 验证
  console.log('\n6. 日常监测 API 验证...');
  const dmRes = await request('POST', '/health/daily-monitoring', {
    patient_id: patientId,
    record_date: new Date().toISOString().slice(0, 10),
    weight: 999,  // 超出合理范围，验证后端校验
  }, token);
  console.log('   状态:', dmRes.status);
  // 后端应该接受或拒绝（取决于后端校验强度）
  if (dmRes.status >= 400) {
    console.log('   后端拒绝了请求（预期：应有范围校验）:', JSON.stringify(dmRes.data).substring(0, 200));
  } else {
    console.log('   后端接受了请求:', dmRes.data?.success ? 'OK' : 'FAIL');
  }

  console.log('\n=== 验证完成 ===');
}

main().catch((e) => {
  console.error('验证失败:', e.message);
  process.exit(1);
});