<?php

namespace Tests\Feature\Web;

use App\Enums\UserRole;
use App\Models\Customer;
use App\Models\User;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Tests\TestCase;

class VmAuthorizationTest extends TestCase
{
    use RefreshDatabase;

    public function test_customer_only_sees_own_vms(): void
    {
        $customerUser = User::factory()->create(['role' => UserRole::Customer]);
        $otherUser = User::factory()->create(['role' => UserRole::Customer]);

        $ownVm = Customer::query()->create([
            'user_id' => $customerUser->id,
            'name' => 'own-vm',
            'domain' => 'own.hexahost.de',
            'status' => 'active',
        ]);

        Customer::query()->create([
            'user_id' => $otherUser->id,
            'name' => 'other-vm',
            'domain' => 'other.hexahost.de',
            'status' => 'active',
        ]);

        $this->actingAs($customerUser)
            ->get(route('vms.index'))
            ->assertOk()
            ->assertSee('own-vm')
            ->assertDontSee('other-vm');

        $this->actingAs($customerUser)
            ->get(route('vms.show', $ownVm))
            ->assertOk();

        $otherVm = Customer::query()->where('name', 'other-vm')->first();
        $this->actingAs($customerUser)
            ->get(route('vms.show', $otherVm))
            ->assertForbidden();
    }

    public function test_admin_sees_all_vms(): void
    {
        $admin = User::factory()->create(['role' => UserRole::Admin]);

        Customer::query()->create([
            'user_id' => User::factory()->create()->id,
            'name' => 'vm-a',
            'domain' => 'a.hexahost.de',
            'status' => 'active',
        ]);

        $this->actingAs($admin)
            ->get(route('vms.index'))
            ->assertOk()
            ->assertSee('vm-a');
    }
}