// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import "forge-std/Test.sol";
import "../../src/TokenFactory138.sol";
import "../../src/eMoneyToken.sol";
import "../../src/PolicyManager.sol";
import "../../src/ComplianceRegistry.sol";
import "../../src/DebtRegistry.sol";
import "../../src/BridgeVault138.sol";
import "../../src/interfaces/ITokenFactory138.sol";
import "../../src/interfaces/IDebtRegistry.sol";
import "../../src/errors/TokenErrors.sol";
import "../../src/libraries/ReasonCodes.sol";
import "@openzeppelin/contracts/proxy/ERC1967/ERC1967Proxy.sol";

contract FullFlowTest is Test {
    TokenFactory138 public factory;
    eMoneyToken public token;
    PolicyManager public policyManager;
    ComplianceRegistry public complianceRegistry;
    DebtRegistry public debtRegistry;
    BridgeVault138 public bridgeVault;

    address public admin;
    address public deployer;
    address public issuer;
    address public enforcement;
    address public bridgeOperator;
    address public user1;
    address public user2;
    address public bridge;

    function setUp() public {
        admin = address(0x1);
        deployer = address(0x2);
        issuer = address(0x3);
        enforcement = address(0x4);
        bridgeOperator = address(0x5);
        user1 = address(0x10);
        user2 = address(0x20);
        bridge = address(0xB0);

        // Deploy core contracts
        complianceRegistry = new ComplianceRegistry(admin);
        debtRegistry = new DebtRegistry(admin);
        policyManager = new PolicyManager(admin, address(complianceRegistry), address(debtRegistry));

        // Deploy token implementation
        eMoneyToken implementation = new eMoneyToken();

        // Deploy factory
        factory = new TokenFactory138(
            admin,
            address(implementation),
            address(policyManager),
            address(debtRegistry),
            address(complianceRegistry)
        );

        // Deploy bridge vault
        bridgeVault = new BridgeVault138(admin, address(policyManager), address(complianceRegistry));

        // Set up roles - admin already has DEFAULT_ADMIN_ROLE from constructors
        // Use vm.startPrank to impersonate admin for role grants
        vm.startPrank(admin);
        factory.grantRole(factory.TOKEN_DEPLOYER_ROLE(), deployer);
        bridgeVault.grantRole(bridgeVault.BRIDGE_OPERATOR_ROLE(), bridgeOperator);
        policyManager.grantRole(policyManager.POLICY_OPERATOR_ROLE(), admin);
        policyManager.grantRole(policyManager.POLICY_OPERATOR_ROLE(), address(factory));
        complianceRegistry.grantRole(complianceRegistry.COMPLIANCE_ROLE(), admin);
        debtRegistry.grantRole(debtRegistry.DEBT_AUTHORITY_ROLE(), admin);
        vm.stopPrank();

        // Deploy token via factory
        ITokenFactory138.TokenConfig memory config = ITokenFactory138.TokenConfig({
            issuer: issuer,
            decimals: 18,
            defaultLienMode: 2, // Encumbered
            bridgeOnly: false,
            bridge: bridge
        });

        vm.prank(deployer);
        address tokenAddress = factory.deployToken("eMoney Token", "EMT", config);
        token = eMoneyToken(tokenAddress);

        // Set up compliance
        vm.startPrank(admin);
        complianceRegistry.setCompliance(user1, true, 1, bytes32(0));
        complianceRegistry.setCompliance(user2, true, 1, bytes32(0));
        complianceRegistry.setCompliance(issuer, true, 1, bytes32(0));
        complianceRegistry.setCompliance(address(bridgeVault), true, 1, bytes32(0));
        vm.stopPrank();

        // Grant enforcement role - issuer has DEFAULT_ADMIN_ROLE from token initialization
        vm.startPrank(issuer);
        token.grantRole(token.ENFORCEMENT_ROLE(), enforcement);
        vm.stopPrank();
    }

    function test_fullLifecycle() public {
        // 1. Mint tokens
        vm.prank(issuer);
        token.mint(user1, 1000, ReasonCodes.OK);

        assertEq(token.balanceOf(user1), 1000);
        assertEq(token.freeBalanceOf(user1), 1000);

        // 2. Normal transfer
        vm.prank(user1);
        token.transfer(user2, 300);

        assertEq(token.balanceOf(user1), 700);
        assertEq(token.balanceOf(user2), 300);

        // 3. Place lien
        vm.prank(admin);
        uint256 lienId = debtRegistry.placeLien(user1, 200, 0, 1, ReasonCodes.LIEN_BLOCK);

        assertEq(token.freeBalanceOf(user1), 500); // 700 - 200

        // 4. Transfer within free balance
        vm.prank(user1);
        token.transfer(user2, 400);

        assertEq(token.balanceOf(user1), 300);
        assertEq(token.balanceOf(user2), 700);

        // 5. Transfer exceeding free balance should fail
        vm.expectRevert(
            abi.encodeWithSelector(TransferBlocked.selector, ReasonCodes.INSUFF_FREE_BAL, user1, user2, 101)
        );
        vm.prank(user1);
        token.transfer(user2, 101);

        // 6. Reduce lien
        vm.prank(admin);
        debtRegistry.reduceLien(lienId, 100);

        assertEq(token.freeBalanceOf(user1), 200); // 300 - 100

        // 7. Transfer with reduced encumbrance
        vm.prank(user1);
        token.transfer(user2, 150);

        // 8. Release lien
        vm.prank(admin);
        debtRegistry.releaseLien(lienId);

        assertEq(token.freeBalanceOf(user1), 150); // No encumbrance

        // 9. Transfer remaining balance
        vm.prank(user1);
        token.transfer(user2, 150);

        assertEq(token.balanceOf(user1), 0);
    }

    function test_privilegedOperations() public {
        vm.prank(issuer);
        token.mint(user1, 1000, ReasonCodes.OK);

        // Place lien
        vm.prank(admin);
        debtRegistry.placeLien(user1, 500, 0, 1, ReasonCodes.LIEN_BLOCK);

        // Clawback bypasses liens
        vm.prank(enforcement);
        token.clawback(user1, user2, 600, ReasonCodes.UNAUTHORIZED);

        assertEq(token.balanceOf(user1), 400);
        assertEq(token.balanceOf(user2), 600);

        // ForceTransfer bypasses liens but checks compliance
        vm.prank(enforcement);
        token.forceTransfer(user1, user2, 200, ReasonCodes.UNAUTHORIZED);

        assertEq(token.balanceOf(user1), 200);
        assertEq(token.balanceOf(user2), 800);
    }

    function test_bridgeOperations() public {
        vm.prank(issuer);
        token.mint(user1, 1000, ReasonCodes.OK);

        // Approve bridge
        vm.prank(user1);
        token.approve(address(bridgeVault), 500);

        // Lock tokens
        vm.prank(user1);
        bridgeVault.lock(address(token), 500, bytes32("ethereum"), user2);

        assertEq(token.balanceOf(address(bridgeVault)), 500);
        assertEq(token.balanceOf(user1), 500);

        // Unlock tokens (requires light client - would need actual implementation)
        // vm.prank(bridgeOperator);
        // bridgeVault.unlock(address(token), user2, 500, bytes32("ethereum"), bytes32("txhash"));
    }

    function test_hardFreezeMode() public {
        // Switch to hard freeze mode
        vm.prank(admin);
        policyManager.setLienMode(address(token), 1);

        vm.prank(issuer);
        token.mint(user1, 1000, ReasonCodes.OK);

        // Place lien
        vm.prank(admin);
        debtRegistry.placeLien(user1, 100, 0, 1, ReasonCodes.LIEN_BLOCK);

        // Any transfer should fail
        vm.expectRevert(
            abi.encodeWithSelector(TransferBlocked.selector, ReasonCodes.LIEN_BLOCK, user1, user2, 1)
        );
        vm.prank(user1);
        token.transfer(user2, 1);
    }

    function test_pauseAndResume() public {
        vm.prank(issuer);
        token.mint(user1, 1000, ReasonCodes.OK);

        // Pause
        vm.prank(admin);
        policyManager.setPaused(address(token), true);

        vm.expectRevert(
            abi.encodeWithSelector(TransferBlocked.selector, ReasonCodes.PAUSED, user1, user2, 100)
        );
        vm.prank(user1);
        token.transfer(user2, 100);

        // Resume
        vm.prank(admin);
        policyManager.setPaused(address(token), false);

        vm.prank(user1);
        token.transfer(user2, 100);

        assertEq(token.balanceOf(user2), 100);
    }
}