#!/usr/bin/env python3
"""Validate the Steev-named personal-agent profile distribution."""
from __future__ import annotations

import json
from pathlib import Path

import yaml

ROOT = Path(__file__).resolve().parents[1]
REQUIRED = [
    "AGENTS.md",
    "README.md",
    "WORKBOARD.yaml",
    "manifest.yaml",
    "AGENT.md",
    "CONTRACT.md",
    "DISCLOSURE.md",
    "docs/STEEV-MASTER.md",
    "docs/contracts/personal-agent-profile-surface-contract.json",
    "docs/prd/2026-06-14-personal-agent-context-runtime-prd.md",
    "docs/issues/2026-06-14-personal-agent-context-runtime-work-orders.md",
    "docs/supersession/2026-06-14-personal-agent-context-runtime-supersession-register.md",
]

REQUIRED_SURFACES = {
    "imessage.read",
    "mail.read",
    "mail.draft",
    "mail.send_with_confirmation",
    "calendar.read",
    "calendar.propose_event",
    "calendar.write_with_confirmation",
    "contacts.read",
    "contacts.write_with_confirmation",
    "drive.read",
    "drive.write_with_confirmation",
    "browser.host_runtime.full_control",
}

REQUIRED_REDACTION_TERMS = {
    "raw_messages",
    "mail_bodies",
    "contact_details",
    "calendar_event_details",
    "drive_file_names",
    "endpoint_payloads",
    "credentials",
    "cookies",
    "keychain_values",
    "password_manager_values",
    "secret_values",
}


def read_text(rel: str) -> str:
    return (ROOT / rel).read_text(encoding="utf-8")


def load_contract(errors: list[str]) -> dict:
    rel = "docs/contracts/personal-agent-profile-surface-contract.json"
    path = ROOT / rel
    if not path.exists():
        return {}
    try:
        return json.loads(path.read_text(encoding="utf-8"))
    except json.JSONDecodeError as exc:
        errors.append(f"contract_json_invalid:{rel}:{exc.lineno}:{exc.colno}")
        return {}


def main() -> int:
    errors: list[str] = []
    for rel in REQUIRED:
        if not (ROOT / rel).exists():
            errors.append(f"missing:{rel}")
    board = ROOT / "WORKBOARD.yaml"
    if board.exists():
        text = board.read_text(encoding="utf-8")
        for snippet in ["STEEV-WORK-001", "PACR-001", "PACR-002", "status: candidate", "owner: jp"]:
            if snippet not in text:
                errors.append(f"workboard_missing:{snippet}")
    agents = ROOT / "AGENTS.md"
    if agents.exists():
        text = agents.read_text(encoding="utf-8")
        for snippet in ["child-local", "not Cortex OS Core authority", "python3 tools/validate_steev_child.py"]:
            if snippet not in text:
                errors.append(f"agents_missing:{snippet}")

    manifest = ROOT / "manifest.yaml"
    if manifest.exists():
        data = yaml.safe_load(manifest.read_text(encoding="utf-8")) or {}
        if data.get("profile_identity") != "personal-agent":
            errors.append("manifest_profile_identity_not_personal_agent")
        if data.get("display_name") != "Steev":
            errors.append("manifest_display_name_not_steev")
        if data.get("profile") != "steev":
            errors.append("manifest_distribution_alias_not_steev")

    contract = load_contract(errors)
    if contract:
        if contract.get("profile_identity") != "personal-agent":
            errors.append("contract_profile_identity_not_personal_agent")
        if contract.get("display_name") != "Steev":
            errors.append("contract_display_name_not_steev")
        if contract.get("distribution_alias") != "steev":
            errors.append("contract_distribution_alias_not_steev")
        memory = contract.get("memory_policy", {})
        if memory.get("allowed_target") != "secondbrain-personal":
            errors.append("contract_memory_allowed_target_not_secondbrain_personal")
        if "orgbrain" not in memory.get("forbidden_targets", []):
            errors.append("contract_memory_orgbrain_not_forbidden")
        if "proposal-only" not in memory.get("durable_write_policy", ""):
            errors.append("contract_memory_not_proposal_only")
        credential = contract.get("credential_policy", {})
        if credential.get("mode") != "keyvault-reference-names-only":
            errors.append("contract_credential_policy_not_keyvault_refs_only")
        redaction = set(contract.get("proof_redaction_policy", {}).get("forbidden_in_core_or_proof", []))
        missing_redaction = sorted(REQUIRED_REDACTION_TERMS - redaction)
        if missing_redaction:
            errors.append(f"contract_redaction_missing:{','.join(missing_redaction)}")
        states = set(contract.get("readiness_states", []))
        for state in ["ready", "degraded", "pending", "blocked", "disabled"]:
            if state not in states:
                errors.append(f"contract_readiness_state_missing:{state}")
        surfaces = contract.get("surfaces", [])
        surface_names = {surface.get("name") for surface in surfaces}
        missing_surfaces = sorted(REQUIRED_SURFACES - surface_names)
        if missing_surfaces:
            errors.append(f"contract_surfaces_missing:{','.join(missing_surfaces)}")
        for surface in surfaces:
            name = surface.get("name", "<unknown>")
            if not surface.get("capability_package"):
                errors.append(f"surface_missing_capability_package:{name}")
            if not isinstance(surface.get("allowed_effects"), list):
                errors.append(f"surface_allowed_effects_not_list:{name}")
            denied = surface.get("denied_effects")
            if not isinstance(denied, list):
                errors.append(f"surface_denied_effects_not_list:{name}")
            elif "orgbrain_write" not in denied:
                errors.append(f"surface_orgbrain_write_not_denied:{name}")
            if not surface.get("confirmation"):
                errors.append(f"surface_missing_confirmation_policy:{name}")

    for rel in ["AGENT.md", "CONTRACT.md", "DISCLOSURE.md", "README.md", "docs/STEEV-MASTER.md"]:
        path = ROOT / rel
        if not path.exists():
            continue
        text = path.read_text(encoding="utf-8")
        if "personal-agent" not in text:
            errors.append(f"visible_personal_agent_note_missing:{rel}")
        if "display name" not in text and "display/distribution alias" not in text:
            errors.append(f"visible_display_alias_note_missing:{rel}")

    supersession = ROOT / "docs/supersession/2026-06-14-personal-agent-context-runtime-supersession-register.md"
    if supersession.exists():
        text = supersession.read_text(encoding="utf-8")
        for snippet in [
            "active-authority",
            "active-alias",
            "active-capability-package",
            "superseded",
            "legacy-reference",
            "blocked-follow-up",
            "secondbrain-personal",
            "`orgbrain` as denied",
            "PACR-010",
        ]:
            if snippet not in text:
                errors.append(f"supersession_missing:{snippet}")
        for stale in ["SPCR-", "steev-personal-context-runtime"]:
            if stale in text:
                errors.append(f"supersession_stale_reference:{stale}")

    result = {
        "ok": not errors,
        "validator": "personal-agent-profile-distribution-v2",
        "checked": REQUIRED,
        "errors": errors,
        "warnings": [],
    }
    print(json.dumps(result, indent=2, sort_keys=True))
    return 0 if result["ok"] else 1


if __name__ == "__main__":
    raise SystemExit(main())