import { type PrivacyRetentionPolicyFieldKey, type RetentionPolicyLimitCarrier, privacyRetentionAuditDetailOptionDisabled, privacyRetentionLocalAllowsLowerLevel, privacyRetentionParentAllowsField } from "../src/features/privacy/policyLogic"; function assert(condition: unknown, message: string): void { if (!condition) throw new Error(message); } const field: PrivacyRetentionPolicyFieldKey = "raw_campaign_json_retention_days"; const parentPolicy: RetentionPolicyLimitCarrier = { allow_lower_level_limits: { store_raw_campaign_json: true, raw_campaign_json_retention_days: false, generated_eml_retention_days: true, stored_report_detail_retention_days: true, mock_mailbox_retention_days: true, audit_detail_retention_days: true, audit_detail_level: true } }; const localPatch: RetentionPolicyLimitCarrier = { allow_lower_level_limits: { raw_campaign_json_retention_days: true } }; assert(!privacyRetentionParentAllowsField(parentPolicy, field), "parent lock should disable the local field control"); assert(!privacyRetentionLocalAllowsLowerLevel(localPatch, parentPolicy, field, false), "local allow=true must not override a parent lock"); assert(privacyRetentionParentAllowsField(null, field), "missing parent policy should allow local field controls"); assert(privacyRetentionLocalAllowsLowerLevel({}, null, field, false), "unlocked inherited lower-level controls should remain enabled"); assert(!privacyRetentionLocalAllowsLowerLevel({ allow_lower_level_limits: { [field]: false } }, null, field, true), "system policy can disable lower-level choices"); assert(privacyRetentionAuditDetailOptionDisabled("full", "redacted"), "lower levels cannot widen audit detail from redacted to full"); assert(!privacyRetentionAuditDetailOptionDisabled("minimal", "redacted"), "lower levels can choose stricter audit detail than the parent"); assert(!privacyRetentionAuditDetailOptionDisabled("full", null), "system-level audit detail options are all viable");